last executing test programs:

7.253989466s ago: executing program 0 (id=9045):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x1, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x1)
recvmmsg(r2, &(0x7f0000000740)=[{{&(0x7f00000005c0)=@tipc, 0x80, &(0x7f0000000400)=[{&(0x7f0000000640)=""/251, 0xfb}], 0x1}}], 0x1, 0x2, 0x0)
r4 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
lseek(r4, 0x200, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='sys_enter\x00', r5}, 0x10)
waitid$P_PIDFD(0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$int_in(r6, 0x5452, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}, {@metacopy_on}], [], 0x2c})
r7 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
openat(r7, &(0x7f0000000080)='./file3\x00', 0x0, 0x0)

5.962002252s ago: executing program 0 (id=9049):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000c80)=ANY=[@ANYBLOB="12010000000000406d0422c2000000000001090224000100000000090400000103000000092100000001220b0009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x52)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='signal_deliver\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x52)
getrlimit(0xb, &(0x7f0000000040))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r2}, 0x10)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
syz_usb_control_io(r0, &(0x7f00000005c0)={0x2c, &(0x7f0000000300)={0x40, 0x10, 0x14, {0x14, 0x9, "b9c648cd64e488dce9ef3d58bab9d885af6d"}}, &(0x7f0000000340)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0xef4475c06f253db5}}, &(0x7f0000000500)={0x0, 0xf, 0x3b, {0x5, 0xf, 0x3b, 0x3, [@ss_container_id={0x14, 0x10, 0x4, 0x6d, "508e938f47dcbd86a1863358632b300d"}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0x7, 0x5, 0x7, 0xd}, @ssp_cap={0x18, 0x10, 0xa, 0xdf, 0x3, 0x8, 0xf00, 0x0, [0xff3f00, 0xff0000, 0x3f00]}]}}, &(0x7f0000000400)={0x20, 0x29, 0xf, {0xf, 0x29, 0x6, 0x8, 0x9, 0x8, "143eff20", "e4d29662"}}, &(0x7f0000000580)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x9, 0x3, 0xb5, 0x7, 0x42, 0x89f6, 0x8}}}, &(0x7f0000000d00)={0x84, &(0x7f0000000600)={0x0, 0x13, 0x67, "9955c13e52a630dcbb9df950a988eff0027a8865d42d462ccf0addfcab244dfe056149efbf196645beb9c5e3bf5711b1fc46b8270009857281461b0f90b7960fc9050b33a3a3fef0f725f89ba6a7b3c1e384bb1d0f71404b411c050ee1ea49f0059b7cee9e9632"}, &(0x7f0000000680)={0x0, 0xa, 0x1, 0x8}, &(0x7f00000006c0)={0x0, 0x8, 0x1, 0x6}, &(0x7f0000000740)={0x20, 0x0, 0x4}, &(0x7f0000000780)={0x20, 0x0, 0x8, {0x160, 0x10, [0x1e000]}}, &(0x7f00000007c0)={0x40, 0x7, 0x2, 0x5000}, &(0x7f0000000a40)={0x40, 0x9, 0x1, 0x4}, &(0x7f0000000a80)={0x40, 0xb, 0x2, "9fbe"}, &(0x7f0000000ac0)={0x40, 0xf, 0x2, 0xffb1}, &(0x7f0000000b00)={0x40, 0x13, 0x6, @multicast}, &(0x7f0000000b40)={0x40, 0x17, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xc}}, &(0x7f0000000b80)={0x40, 0x19, 0x2, "8552"}, &(0x7f0000000bc0)={0x40, 0x1a, 0x2, 0x7}, &(0x7f0000000c00)={0x40, 0x1c, 0x1}, &(0x7f0000000c40)={0x40, 0x1e, 0x1, 0xb6}, &(0x7f0000000cc0)={0x40, 0x21, 0x1}})
epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r6, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000940)=@newqdisc={0x78, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x4c, 0x2, [@TCA_TBF_RATE64={0xc, 0x4, 0x4e1e2563543d84f9}, @TCA_TBF_PBURST={0x8, 0x7, 0x1cdf}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x0, 0x2, 0x0, 0xffff, 0x0, 0x3}, 0x766c, 0x81}}, @TCA_TBF_PRATE64={0xc, 0x5, 0xcb59372f370e8465}]}}]}, 0x78}}, 0x0)
bind$packet(r3, &(0x7f0000000040)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @remote}, 0x14)
sendto$inet6(r3, &(0x7f0000000800)="4103082c1116480401020200c52cf7c25975e005b02f000006892f000300897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305fbe258161b6fd8f2428652265d94c6fdbaefc57376a57c2feffff188be9427c323ef024a37016d2a7f9ab6e7941a6fc4f95aa73c1dfff4941f6503b5bd8c91db22cd33795481c94085fa12cdc679ac2a5d7b5d99b93fb07acb0da680e78b74c74aae8d7690d5986a9af81622a0ac210bc7b5ca5fed11cb54d046642670041e846bb184ff5d39fe8516d2d2a8d84e6e7dfcb2b8a8023444db513a3d7a124b59f0a5cd36489dbbb75cce3145d0ea3c3aa21af7cbcbc7a7575db782e757ca543109f5ddcec4930aa91f4119ea3d1f56140cb86cfe0724b23904ef5d05c725ee23918a502b1afe09fb0757d", 0xfc13, 0x880, 0x0, 0xfffffffffffffef0)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r7}, 0x10)
syz_usb_control_io$hid(r0, &(0x7f0000000380)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0xc, {[@main=@item_4={0x3, 0x0, 0x8}, @global=@item_012={0x1, 0x1, 0x0, "03"}, @main=@item_4={0x3, 0x0, 0x0, "b53648c8"}]}}, 0x0}, 0x0)

5.487679461s ago: executing program 2 (id=9055):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000280)={[{@minixdf}, {@nobarrier}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@nodelalloc}, {@nombcache}, {@max_batch_time={'max_batch_time', 0x3d, 0x7}}]}, 0x23, 0x44d, &(0x7f0000000980)="$eJzs28tvG0UYAPBv7SR9k1CVRx9AoCDKK2nSUnpAQiCQOICEBIdyDElalboNaoJEq4oWhMoRVeLEBXFE4i/gBBcEnJC4wh1VqlAvLZyM1t5NbMd2HnXsUP9+0jozu2PPfN6d9exONoC+NZq+JBE7I+KPiBiuZusLjFb/3L55afqfm5emkyiX3/47qZS7dfPSdF40f9+OPDMQUfgsif1N6p2/cPHMVKk0ez7Ljy+c/WB8/sLF506fnTo1e2r23OTx40ePTLxwbPL5jsSZxnVr38dzB/a+/u61N6dPXHvvl++SPP6GODpktN3GJ8rlDlfXW7tq0slADxvCmhSr3TQGK/1/OIqxtPOG47VPe9o4YEOVy+Xy/a03XykDd7Gkcg4ovxS9bgjQZfkPfXr9my9dGnpsCjderl4ApXHfzpbqloEoZGUGG65vO2k0Ik5c+ffrdImNuQ8BAFDnh3T882yz8V8hau8L3ZPNoYxExL0RsTsijkXEnoi4L6JS9oGIeHCN9TdOkiwf/xSuryuwVUrHfy9mc1v147989BcjxSy3qxL/YHLydGn2cPadHIrBLWl+ok0dP776+xetttWO/9IlrT8fC2btuD6wpf49M1MLU3cSc60bn0TsG2gWf7I4E5BExN6I2LfOOk4//e2BVttWjr+NDswzlb+JeLK6/69EQ/y5pP385PjWKM0eHs+PiuV+/e3qW63qv6P4OyDd/9ubHv+L8Y8ktfO182v59K+eSl+v/vl5y2ua9R7/Q8k7des+mlpYOD8RMZS8UW107frJhnKTS+XT+A8dbN7/d8fSN7E/ItKD+KGIeDgiHsna/mhEPBYRB9t8Cz+/8vj7649/Y6Xxz6xp/y8lhqJxTfNE8cxP39dVOrL04avb/0crqUPZmtWc/1bTrrUezQAAAPB/VYiInZEUxhbThcLYWPV/+PfE9kJpbn7hmZNzH56bqT4jMBKDhfxO13DN/dCJ7J5Lnp9syB/J7ht/WdxWyY9Nz5Vmeh089LkdLfp/6q9ir1sHbDjPa0H/0v+hf+n/0L/0f+hfTfr/tl60A+i+Zr//l1d+29aNaAvQXQ3937Qf9BHX/9C/1tP/nTPg7tC2Lw91rx1AV81vi5UfkpeQWJaIwqZoxiZKXN4czehQotdnJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgM74LwAA//8cB+YG")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x10, &(0x7f00000014c0), 0x1, 0x793, &(0x7f0000001700)="$eJzs3c1rXFUbAPDnTpKmb9r3TV4QbF0FBA2UTkyNrYKLigsRLBR0bTtMpqFmkimZSWlCoBYR3AhaXAi66dqPunPrx1b/Bd2ISEvVtFhxISN3PjqTZiadtvloze8Htz3n3jM595l77zln5h7mBrBjjab/ZCL2R8R7ScRwY30SEQO1VH/E0Xq5myvL+XRJolp99bekVubGynI+2l6T2tPI7IuIb96OOJBZW295cWkmVywW5hv58crsmfHy4tLB07O56cJ0Ye7wxOTkoSPPHBncuFj/+H5p79X3X3ry86N/vfXo5Xe/TeJo7G1sa49jo4zGaOM9GUjfwlVe3OjKtlmy3TvAPUkvzb76VR77Yzj6aqne9F4SAHiQnI+IKgCwwyT6fwDYYZrfA9xYWc6nS/X89n4fsdWuvRARu+vxN+9v1rf0N+7Z7a7dBx26kay635FExMgG1D8aER9/+fqn6RKbdB8SoJM3L0TEyZHRZvvfan+SNXMW6nqfkPFUD2VGb8tr/2DrfJWOf55tjf9a11/m1vgnOox/Bjtcu/diNGJXe37t9Z+5sgHVdJWO/54faM1tu9kWf8NIXyP339qYbyA5dbpYSNu2/0XEWAwMpvmJdeoYu/739VUr+lrJ9vHf7xff+CStP/2/VSJzpf+2JncqV8ndb9xN1y5EPNbfKf7k1vFPuox/j/dYx8vPvfNRt21p/Gm8zWV1/Js/q6x6KeKJ6Bx/U7Le/MTD47XTYbx5UnTwxU8fDnWrv/34p0taf/OzwFZIj//Q+vGPJO3zNct3X8d3l4a/7rbtzvF3Pv93Ja/V0s3G41yuUpmfiNiVvLJ2/aHWa5v5Zvk0/rHHO1//653/6WfCkz3G33/118/uPf7NlcY/dVfH/+4Tl2/O9HWrv7fjP1lLjTXW9NL+9bqD9/PeAQAAAAAAAAAAAAAAAAAAAAAAAECvMhGxN5JM9lY6k8lm68/wfiSGMsVSuXLgVGlhbipqz8oeiYFM86cuh9t+D3Wi8Xv4zfyh2/JPR8T/I+KDwf/U8tl8qTi13cEDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQMOeLs//T/0yuN17BwBsmt13LHG9sCU7AgBsmTv3/wDAv43+HwB2Hv0/AOw8+n8A2Hn0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGyy48eOpUv1z5XlfJqfOru4MFM6e3CqUJ7Jzi7ks/nS/JnsdKk0XSxk86XZtpf+0OnvFUulM5Mxt3BuvFIoV8bLi0snZksLc5UTp2dz04UThYEtiwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeldeXJrJFYuFeYmHJVEdrh+6B2V/Nj/x88Ef961X5qLTeOMT290yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwc/gkAAP//skMoxA==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000380)='sched_switch\x00', r3}, 0x10)
openat$full(0xffffffffffffff9c, 0x0, 0x20100, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000001340)=@newtaction={0x8a4, 0x30, 0x12f, 0x0, 0x0, {}, [{0x890, 0x1, [@m_police={0x88c, 0x1, 0x0, 0x0, {{0xb}, {0x860, 0x2, 0x0, 0x1, [[@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x831, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000]}], [@TCA_POLICE_RATE={0x404, 0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6d4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0x7}, {0x7, 0x0, 0x0, 0x0, 0x0, 0x7}}}, @TCA_POLICE_RATE64={0xc, 0x8, 0xfffffffffffffff9}], [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0xd}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x8a4}}, 0x0)

4.331669935s ago: executing program 2 (id=9058):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000001000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008180000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='workqueue_queue_work\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

4.249634932s ago: executing program 2 (id=9059):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x1, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x1)
recvmmsg(r2, &(0x7f0000000740)=[{{&(0x7f00000005c0)=@tipc, 0x80, &(0x7f0000000400)=[{0x0}, {&(0x7f0000000640)=""/251, 0xfb}], 0x2}}], 0x1, 0x2, 0x0)
r4 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
lseek(r4, 0x200, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='sys_enter\x00', r5}, 0x10)
waitid$P_PIDFD(0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$int_in(r6, 0x5452, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}, {@metacopy_on}], [], 0x2c})
r7 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
openat(r7, &(0x7f0000000080)='./file3\x00', 0x0, 0x0)

4.248924052s ago: executing program 1 (id=9060):
prlimit64(0x0, 0xc, &(0x7f0000000140)={0x8}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_getparam(0x0, &(0x7f0000000000))
sched_setscheduler(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fstat(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, <r2=>0x0, <r3=>0x0})
r4 = getgid()
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000040, &(0x7f00000007c0)={[{@errors_remount}, {@nodiscard}, {@noquota}, {@init_itable}, {@stripe={'stripe', 0x3d, 0x79}}, {@resgid={'resgid', 0x3d, r4}}, {@sysvgroups}, {@delalloc}, {@usrquota}]}, 0x10, 0x4d2, &(0x7f00000002c0)="$eJzs3c9rHG8ZAPBnJtlvf+VrUvVQC7bFVtKi3U0a2wYPtYLYU8Fa7zUmmxCyyYbspm1CkRTvCiIqePLkRfAPEKR/gggFvUsVRbTVgwd1ZWdnaxt3m0i3OzX5fGA67zvv7j7P27Az88687ARwaJ2LiJsRMRIRlyJiPN+e5sutdvudzutePH80316SaLXu/jmJJN/W/awkX5+IiJ2IOBoRX70V8Y3kv+M2trZX5mq16kZerzRX1yuNre3Ly6tzS9Wl6trMzPS12euzV2enBtLPiYi48aXff/87P/nyjV989sFv7/3x4jfbaY3l7a/2Y5A6XS9l/xddoxGx8S6CFWAkX5f6tH97ZIjJAACwp/Y5/kcj4lPZ+f94jGRnpwAAAMBB0vrCWPwjiWgBAAAAB1aazYFN0nI+F2As0rRc7szh/XgcT2v1RvMzi/XNtYXOXNmJKKWLy7XqVD5XeCJKSbs+nc+x7dav7KrPRMTJiPje+LGsXp6v1xaKvvgBAAAAh8SJXeP/v41n4/8jRecFAAAADNhE0QkAAAAA75zxPwAAABx8xv8AAABwoH3l9u320uo+/3rh/tbmSv3+5YVqY6W8ujlfnq9vrJeX6vWl7Df7Vvf6vFq9vv65WNt8WGlWG81KY2v73mp9c615b/m1R2ADAAAAQ3Ty7JPfJBGx8/lj2dL2QdFJAUOR7NGePSTkWV753RASAoZmpOgEgMKMFp0AUJhS0QkAhdvrOkDfyTu/HHwuAADAuzH5if73/10bgIMtLToBAGDo3P+Hw6v0+gzAq8VlAhTlI3u0v/39/1brf0oIAAAYuLFsSdJyfi9wLNK0XI74MHssQClZXK5Vp/Lxwa/HS0fa9ensncmec4YBAAAAAAAAAAAAAAAAAAAAAAAAgI5WK4kWAAAAcKBFpH9Isl/zj5gcvzC2+/rAB8nfx7N1RDz40d0fPJxrNjem29v/8nJ784f59itFXMEAAAAAduuO07vjeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYpBfPH813l2HG/dMXI2KiZ/yzR7PV0ShFxPG/JjH6yvuSiBgZQPydxxFxqlf8pJ1WTEQni17xjxUYP42IEwOID4fZk/b+52av718a57J17+/faL68rf77vzS6+7+RPvufD/cZ4/TTn1X6xn8ccXq09/6nGz/pE//8PuN//Wvb2/3aWj+OmOx5/Elei1Vprq5XGlvbl5dX55aqS9W1mZnpa7PXZ6/OTlUWl2vV/N+eMb77yZ//6039P94n/sQe/b+wz/7/8+nD5x/rFEu94l883/v4e6pP/DQ/9n06L7fbJ7vlnU75VWd++qszb+r/Qp/+v/z79zjQtmNe3Gf/L9351rN9vhQAGILG1vbKXK1W3fh/LKTxXqShMJDCkfcjDYVOoeg9EwAAMGj/OekvOhMAAAAAAAAAAAAAAAAAAAA4vIbxc2K7Y+4U01UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDf6dwAAAP//sf7Zeg==")
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000004bc0)=[{{&(0x7f0000000240)=@abs={0x1, 0x0, 0x4e20}, 0x6e, &(0x7f00000004c0)=[{&(0x7f0000000300)="8f28f2fb050400bbaa19b5afed8fdeff75db6bdcef72692a0fb153115e605cb0c2e3dc2ab3aac44d582d7459270c3c5afabc1e7ab3109f62a8672bb61177710c0372d6b149d8dc6f10070238c222cf8b41b8e352b5e504e16050d317e2b8df53984e2d5b8bbd15d44efa3b6edcba67c91941c973351bd0926ce8f70a08b8468422d256185bb118a045a89f6a732aac4d6fd9e2ce1fb68c435e4bd750a9265fc6442fece446f01d71aba9fe69ed98f970c6d76457c564daa9762108d4cd045e5229cc2f4bb037751caa3000e32aeb9d158601f0dec324c165450365c8a8cb0fc975d21b487c2d627a7c5a23", 0xeb}, {&(0x7f0000000840)="e9b9cddb03d5294184e15b33e0de13130c67ec18e86be0159ddebedf79d931365ee235330a2fbe1377d358675986a2b3aefed0befb7dbb0cbc46200e92f7fe9d447aa956d39f3ee5c7391ea24d1deb603d4c5f562beed6560b28e8261ec24c11b93c563ff5dc6c2d561239772f8c88b07562505f421cd8f9527d349520cc4dcfc0456bfd08d86b42ac1d109979bda2b698b1ddfe5d1b76abf79fb0169ce2bc9d852b05e14dac0c0cd0eac7b7c26b8689437a02b28f764f9f9896115f266150aa22255f50351ed7184208074c373f70935ef99dacd3d18ff54b7ba1766b16", 0xde}, {&(0x7f0000000640)="400d97002411ccb54e232bab906b720102d1460f9e2295e476fe45aa61ab54d04587b77ff4aecb02d0635884ca71363a1e936188e886e704efcd0eeca869c773a0a64117a541869a6e23a2c17508b5ed2cfa804994997228667994c80132d683cbd6c3c825336356313db316eb3c6c6f8e2dbb98d4885559d644c2eed48c408dab5e0ce32a3a3d44", 0x88}, {&(0x7f0000000440)}], 0x4, &(0x7f0000000500)=[@cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, r2}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee01, r4}}}], 0x40, 0x24000000}}, {{0x0, 0x0, &(0x7f0000000a80)=[{&(0x7f0000000940)="1970768bb348b154fdd311f7fd2dbb1f419c9cb15b171a077ea143c34b5929c567a88235a298897644fede84c1cbe373eec9b540720d06e91276b055f8d343ee9290feddc66a0b99041f1a5bacb3d16895", 0x51}, {0x0}, {&(0x7f0000000a00)="c60730d1cc9336c79585d6a3d62ade196fbd3a364e8811e50f53489b316d9e0a2a3249f372ca88988feab3bbd9a4018c7b994cb65e7f58e23676a44875b9b4c41a0faf8f94d4528d05bb880fcb1c38185f762ddcd85e8b68ff2ce38fb57e", 0x5e}], 0x3, &(0x7f0000000d40)=ANY=[@ANYBLOB="10000000000000000300000001000000476f734c5f140961067acd55732b6d"], 0x10, 0x10}}, {{&(0x7f0000000b00)=@file={0x1, './file1\x00'}, 0x6e, 0x0, 0x0, &(0x7f0000000ec0)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r3}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r3}}}, @cred={{0x1c, 0x1, 0x2, {0x0, r2, r4}}}, @cred={{0x1c, 0x1, 0x2, {0x0, r2, r3}}}], 0x80, 0x4040000}}, {{0x0, 0x0, &(0x7f00000010c0)=[{&(0x7f0000000fc0)="dbe90cf2b7c16bdda4aa64796ee2d8d924aa44d55c75b672a8d300b6714e580371fbcbd0", 0x24}, {&(0x7f0000001080)="2e06e8", 0x3}], 0x2, &(0x7f0000001240)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r3}}}, @cred={{0x1c}}], 0x40, 0x4008804}}, {{&(0x7f0000001280)=@abs={0x1, 0x0, 0x4e24}, 0x6e, &(0x7f0000002440), 0x0, 0x0, 0x0, 0x800}}, {{&(0x7f00000024c0)=@file={0x0, './file1\x00'}, 0x6e, &(0x7f0000002840)=[{&(0x7f0000002540)="38afc0a802d23771eda64796e568bf05e71bdda01eea233a432ce8cb490d299f5280f074fcc0a2ac721fe8128079206a31984632e05c55a612bd46c5b24872f803517afc9eb2fc3919eefc147c93609e765ce99deadaab88ad8fe027df090f81a10483f830524c29788f185fceef0f150732d29ca4aa24cf4de212d02d6063be316e9f864f56b2736cba71ec9eee6f279e25c82a2076840eef8ef867d7bc731ac4c826ac250809e1d2bf595b283c83bd641ab49644bcb4a23b033c0d8192272e605dadebfeae", 0xc6}, {&(0x7f0000000cc0)="0ac6686b488318e14254d7bf3abb9d2ee3aa95a459f0e768ea8777a894ade8b5065f722ad5c82b7a8724e29a24662acca0a3b176dbcc1b29c61c4896f2ed52008189e4309b742a6e3db6a2df6cd63f7f8ad0850a82cffe7639e74475210249f97850fe0ac8201c8ac773bf97bd94f1546f0c5c8418b976aec269", 0x7a}, {&(0x7f0000002700)}, {&(0x7f0000002740)="5f71e0769c06800ab649d4b699d6100abd0452a25f6752bb07d35378b8525347f3577d340a0cbad38f043da9b40f2d26ddb1c9b1dc93c9d7761e750adae6920edc630af573867d3a80af2f1dcd6e7dad76168bf728e945f1de323d26fe1a65e4fd7b746bd94b19bedfd5b17b7526123b455f2ef80e04a26043e6b98a425d29", 0x7f}, {&(0x7f0000002800)="3ac5a64a7ddd9fc1d5a917b43d9d7388fe63e417510de75352ba529f8aaf5006227f984f64f1f8cf5c3df3478c76cd8b", 0x30}], 0x5}}], 0x6, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0)
r6 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r6, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x70, 0x4)
bind$inet(r6, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10)
sendto$inet(r6, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendfile(r1, 0xffffffffffffffff, &(0x7f0000000040), 0x5)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000c80)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$sock_int(r6, 0x1, 0x8, &(0x7f0000000600)=0x1801, 0x4)
sendto$inet(r6, &(0x7f0000000700)="09268a60fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88ff4f90b1a7511bf746bec66ba1fe92e8615fc3f7af9c3310b39cc2dc3616dcdfaebc65ca325fd99357ed9d11b266a7c88722db6e38df1089394f438cb9fbc08e62754c233cced4a4d4d05a3e5029a01298d3ee87d8a0803a2d26906f42f5b5aaf47d2752a8b23954f309cae13ef250cf76775ddfd153eef2b1a8458a3cb6dc764f19b41c8c61c7305a51a4bfa0c897c7c1f438a851222a5560c0e77b0b5934296bc6f28af87d651f7348a2ba2ca67f930cc655afe0220cbeb79a2a87bba6be2de3e756e674c405bcc51843b4cc75ff7ec38a34d1a2a61f0a1223e69484b5d922b5590758c33317df18c401ff910f9b3f0eaef8b9d928392097a025b0459", 0xfe6a, 0x40040, 0x0, 0xfffffffffffffe93)

3.410538361s ago: executing program 2 (id=9061):
syz_mount_image$f2fs(&(0x7f0000005e00), &(0x7f0000000080)='./bus\x00', 0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="6163746976655f6c6f67733d342c646174615f666c7573682c66617374626f6f742c6a71666d743d76667376312c6e6f696e6c696e655f64656e7472792c7573726a71756f74613d51326673002c00ff371013587045d0d273e856ce75c2b12720ece6ac75541f2db63fb857cb7508f7d67f3affd12ff9abc9b2109887e1a78c2003f04a75607f0099dfad1a283ce7b8b528e239612ab156e30dd8365f708e6c98cf000b30d5304dd70f87da026e214e4df1ad07ba72013f4309fe28bfde0055e7c5806f05b80ec0e186b4f72559eb096a1fe6793e734fe61555f01ff9f23bc11370aa247215e8f1410ea4720a4c7ddb25da21c75f35f711581d305b8d7e52b3d907c8a3c861ae2a531b67900000000000000000000000000027dfebc27b528db735367f0e1bbc48737d88dddd393842c7a7672e54516424e1e306000000b7211a6fe0e8ca5ed7aff80b4505c0229664896ec7502adbc7c7ac11a6073ae25af4b6afe98bad5bc9b48e90450acb30d79df3f46970fd4cc3bd40b1090000006ace0000000000000000b7bcb7b5040b81c15b8f480eff421c16ca0281466b8b400186441ef309e7a08d20cfbf06167621ee7aed0eecd382458aaf73cfd2e4aaccc2de75e33dd2e536d51ff46e4b1bd102906f596cdaae9b5d8b14e4b398e0dbde07bd8954df21960fa30fa366847bd5f4942a5f6111b387faec2a9cbea456321bb2cd28252b52ca4c887151644c8ccb15191f1aab09017f2df17b113a9c1f4bcf9b173fb554f6006131bedd4ec25c659ba4aeec5d832138feb222fa41ffc84b206949385c1b73e0092126497ad9a9c2873ae22fe50274ebb3516f020b7268e751cbd834473c3c88e7b50e64c9057b16f4f6e8f6a533785bfeeec1a84ebab159d442c620844474fbf087435e0a07a4b51766792e2fadf1d6ee9b2f3d7d67e94321679e7e24182b4b27e4ac36fb1b4e2cf2e24141f659ea9e3a28f979c5aa99a1f164d04bc9931291880c8003bcb6e5ac4017981abd02e17525c4cb47b5ff2fa8053819de8083ca17b779b251496d1c78ab0eb64be4fdc71e1b0b1cada310d1e58bff6d52eed01e32313afc42d43e41d1e32e294bd8a978ed60ee3486279b2456a48479a761de0f9f8781feae0cc51af369914c22ae84e4b278d36701421c4175cea5835b4a4e3c45fd778264a978ec976403a491c10a3c409e71541a34d38893ba0d7eda5e6aa49684739fdeeadbbe8eb842d55a2856bbb85a5277aff7e21a65f0d56775aebb10546c86382b3e3df770402fc665ee2460c9f536d5dbb86ba31a10b82a116362a2a92b527fb04c4bcdb8287a789da343bb87ad3e4e5564cbc60d"], 0xfd, 0x5520, &(0x7f0000006280)="$eJzs3EtvG9UXAPDjpOn733+FWLDrSBVSguooTh+CXYFWPESriseCFTjx1HJre6LYddKuumCJWPBNEJVYseQzsGDNrkIIxA6pyHMnaoPaUilu3DS/nzQ5c6+vj891okhnPHIA+9bJ7K8/anEijkTEbEQcjyjPa9VRupjCaxFxKiJmHjlq1XyauH00DkbE0Yg4MU6ectaqh789Mzp9/rcP//zx50MHjn33wy/T2zUwba9HRG8tnW/0UizaKd6o5pujThl750ZVTA/0blbjIsWNuPug1Nxa1yzj2XZaX6zdGoxjrdZcHcd253o5v9ZPLzgYpbiRr5RPuNFcL8etfKWMnUFRxvadVNfmnfS/7c5gmPK0qny3y/QxHG7FNJ9v5mk/azfLuNofVvMpb9HKN8dxVMXq5WK16LbKOlZ29Fa/0D7q9G9tZqN8fdAp+tn5xcabi40L9cZ60cqH+bl6s9e6cC6bb3fHy+rDvNm72C6KdjdfXC16C9l8e3W13mhk85fylU6znzUai2cXl+rnF9LZG5G9d/WzrNvK5sfxnU7/1rDTHWTXi/UsPWMhW148+9ZCdrqRfXLlWnbt48uXr1z79ItLn199+8oH71aLHpb1+/2yrGx+eWl5ud5Yqi83Fl7g/S+dmez+v6qKnuD+YUdq0y4AYO+ZbP8fof8HnsVE+/98pcyw8R/9//Xu5Pr/0P9PxJ7qf7fK2q/9/3PYP+yI/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYN/6de7798uTk2l8rJr/X8Sp8dQr1bgWETMR8eAxZuPgtpyzVZ65J6yf+1cNP9WizDB+jUPVcTQiLlbH3/9/3u8CAAAAvLzuPWzbxy371iUA9of02585/uWE8tUiYu7k/ckkm5sZ/3z1qWuWnlDEY4z/vg/E5kRKSxe24vCEkqVLbgcmle2ZzG4Lhx8JtRRmdrUcAABgV2zvBHa3CwEAAGA3fT3tApiO8qPS6l786k6AQylUHwge2TYCAAAA9qAn3CoNAAAAvETK/v8p3/8Xvv8PAAAA9r57d099M+0aAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgH3buJyd5IIwD8NtCvw//RWLcexV3cAyP4NKl4QBegiPgFbwAZ8CdRzBgaEu0BhNjhxLI8yTtMA38mBI270wzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcOxei9n4+fHmqW3OctVOmrsBAAAAtlkUs3H5Ylj1z+rrF/Wlq7qfRUQeEdtq9178a2T26pzih/cX38bwElEmrL/jf32cRsRtfbxf7vpXAAAAgOM1n0xHVbVenYb7HhBdqiZt8vO7RHlZRBTDt0Rp+fp0nSis/H/34yFRWjmBNUgUVk259VOl/Uqv0Qy+NFnV5J0OBwAA6ESzEui2CgEAAKBL93/7mBWiQ5fFZilzsxZcPnn/uSB40ugBAAAAByjb9wAAAACAnSvrf/v/AQAAwHGr9v8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABglxbFbDyfTEdtc5ardtLcDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwwf68o0AIhEEY7F3fmcz9DysNmpqaVIHw8TcGAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCb3/3l/8TUOJPMvTaWnkeStVNj69TYOzeO/jC+fg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX+/OSAiEQBFEwZ/zvpO9/WEnQM4gQAQ2PKmrRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8EW/++X/xNQ4k8ydNpaOR5K1q8bWVWPvQePowXj7NwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX+/bvGzcVBwD8a/t8/QGIEFCGIAQSAyw0vZSWrgygiIE/ASlKryVw5UeagVYVUhY2lLkLghEhJFDY+j90bqUuZetwQ5GYQfbZqXvJcFVV+9p8PtK79/WT5fd9ThTl6+cDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKiNP3wYZ8XHwiROq7HbD65vFP2dqb5wc/fuctGKOGkz6WfDG82DZKm7RAAAADg6srq+j4h7+d5a0acLZf2f1+cUNf/PL03iup6frvvrvq79i/bXn/df259oYTJPcdGLm6Ph6YOp9J7eKufbywdGjk8d98o7Xz57ycofSPrJzqvjvLyfyY+3bn3UL8NjbWUMADyuU3VfBfX/Q0U/6DIxAI6MXqPwruv/bKHbnAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADaMN6JF+o4iYjlXr4fF+48uL5xWH9z9+5y3c7duLHbvGYvIoqrXNwcDU+3uZg5d+XqtS/XR6PhVvvBmxHR3exV8NkM50R0maHgSYO0+l2fl3yejaDjP0wAADx38qoVdf29fG+tGEsWI/775dH6/51GHDPW//c/P3e7OVez/h+0tsL5t7J9+ZuVK1evvbd5ef3S8NLwq/dXBx8Mzpw/e/b8SvmsZMUTEwAAAJ5MP4noT9X/6eLB/f+TjThmrP+//WnwfXOuTP1/qIebfl1nAgAAcLS98ta//ySHjCf9fny3vr29NZh8VsextVoer3aQ6mM7VrVm/Z8tdp0VAAAA0IbxTvLI/v+FRhwz7v+/+OvrvzevmUXEiWr//9TG16ML7S1nrrXxdeKu1wgAAEC3TlStuf+fl+//p/uvPKQR8e7bk7hXjc1S/2cf//Bbc67m+/9n2lviXEqXJvej7JciektdZwQAAMDz7HjVimL/73xv7Ys/Tn7a9/4/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQNv+DwAA//+qAEV4")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)

3.333076747s ago: executing program 3 (id=9062):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)=@newlink={0xf4, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0xc4, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xb4, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x4, 0x3}, @IFLA_VLAN_FLAGS={0xc}, @IFLA_VLAN_FLAGS={0xc}, @IFLA_VLAN_INGRESS_QOS={0x1c, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_INGRESS_QOS={0x4, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}]}]}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_MASTER={0x8}]}, 0xf4}, 0x1, 0xba01}, 0x0) (fail_nth: 3)

3.242186765s ago: executing program 4 (id=9063):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x6, 0x8, 0xb}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
sendmmsg$unix(r1, &(0x7f0000004080)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r0], 0x18}}], 0x1, 0x0)
r4 = dup3(r1, r0, 0x0)
connect$unix(r4, &(0x7f0000000100)=@abs={0x1}, 0x6e)

2.921631301s ago: executing program 3 (id=9064):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r1}, 0x10)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

2.902110182s ago: executing program 4 (id=9065):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000107000000000000000000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r1}, 0x10)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

2.900443963s ago: executing program 0 (id=9066):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_udp_encap(0xffffffffffffffff, 0x11, 0x64, &(0x7f00000003c0)=0x3, 0x4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x12, 0x4, 0x8, 0x8}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
bind$inet6(r0, &(0x7f0000000280)={0xa, 0x2, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
listen(r0, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)
connect$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x2, @local}, 0x10)
accept4$inet6(r0, 0x0, 0x0, 0x0)

2.826946028s ago: executing program 4 (id=9067):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$unix(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000680)="90", 0x1}], 0x1}, 0x4004051)
sendmsg$unix(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="1c", 0x1}], 0x1, &(0x7f0000000240)=ANY=[@ANYBLOB="140000000000eed59809a94700e80100000001000000", @ANYRES32=r1, @ANYBLOB='\x00\x00\x00\x00'], 0x18}, 0x41)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x40, &(0x7f00000029c0), 0x64, 0x4fd, &(0x7f0000000540)="$eJzs3VFrHFsdAPD/bHZr06ZNqj5owVptJS3a3aSxbfChVhB9Kqj1vcZkE0I22ZDdtE0omuIHEERU8ElffBH8AIIUfPFRhII+KyqKeNt7H+7DvZ3L7k7SNN1N0nabTZPfD07mnJmd+Z+zYWbnzBxmAji0zkbEjYh4mqbpxYgYzObnshRrrdT43JPH9ycbKYk0vfX/JJJs3vq2kmx6PFvtaER855sR309ejFtbWZ2bqFTKS1m5VJ9fLNVWVi/Nzk/MlGfKC2Njo1fHr41fGR/pSjtPRMT1r//7Zz/+zTeu/+FLd/9x+78XftCo1kC2fHM7XlJ+u4Wtphea38XmFZZeMdh+lG+2MNO/u3UevMH6AADQWeMc/+MR8fmIuBiD0bf96SwAAADwFkq/OhAfJBFpe0c6zAcAAADeIrnmGNgkV8zGAgxELlcstsbwfjKO5SrVWv2L09XlhanWWNmhKOSmZyvlkWys8FAUkkZ5tJl/Vr68pTwWEaci4qeD/c1ycbJamer1xQ8AAAA4JI5v6f+/N9jq/wMAAAAHzFCvKwAAAAC8cfr/AAAAcPDp/wMAAMCB9q2bNxspXX//9dSdleW56p1LU+XaXHF+ebI4WV1aLM5UqzPNZ/bN77S9SrW6+OVYWL5Xqpdr9VJtZfX2fHV5oX579rlXYAMAAAB76NRnH/4tiYi1r/Q3U8ORXlcK2BP5jVySTdvs/X8/2Zr+a48qBeyJvl5XAOiZfK8rAPRModcVAHou2WF5x8E7f86mn+tufQAAgO4b/nTn+/+5bddc234xsO/ZieHwcv8fDq/m/f/dDvh1sgAHSsEZABx6r33/f0dp+lIVAgAAum6gmZJcMbu8NxC5XLEYcaL5WoBCMj1bKY9ExMmI+Otg4WON8mhzzWTHPgMAAAAAAAAAAAAAAAAAAAAAAAAA0JKmSaQAAADAgRaR+0/yx9az/IcHzw9svT5wJHl/MLJXhN795a2f35uo15dGG/Pf2Zhf/0U2/3IvrmAAAAAAW63309f78QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQTU8e359cT3sZ939fi4ihdvHzcbQ5PRqFiDj2bhL5TeslEdHXhfhrDyLiU+3iJ41qbYRsF7//zcePoexbaBf/eBfiw2H2sHH8udFu/8vF2ea0/f6Xj3iu/Ko6H/9i4/jX12H/P7HLGKcf/a7UMf6DiNP59sef9fhJh/jndhn/e99dXe20LP1VxHDb35/kuVil+vxiqbayeml2fmKmPFNeGBsbvTp+bfzK+EhperZSzv62jfGTz/z+6XbtP9Yh/tAO7T+/y/Z/+Oje40+0soV28S+caxP/T7/OPvFi/Fz22/eFLN9YPryeX2vlNzvz27+c2a79Ux3av9P//8Iu23/x2z/65y4/CgDsgdrK6txEpVJeOrCZRi99H1RDZh9mftjVDaZpmjb2qdfYThL74WtpZnp9ZAIAALrt2Ul/r2sCAAAAAAAAAAAAAAAAAAAAh9dePE5sa8y1jVzSjUdoAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB0xUcBAAD//9om2kE=")
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
sendmsg$TIPC_NL_LINK_RESET_STATS(0xffffffffffffffff, &(0x7f0000000f80)={&(0x7f00000009c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000a00)={&(0x7f0000000d40)={0x194, 0x0, 0x300, 0x70bd2c, 0x25dfdbfd, {}, [@TIPC_NLA_NODE={0xbc, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3d, 0x4, {'gcm(aes)\x00', 0x15, "6c63485d104d0e8b2931a7393bb55b860c99bb7788"}}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x20}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x25a}, @TIPC_NLA_NODE_KEY={0x3e, 0x4, {'gcm(aes)\x00', 0x16, "872e9225048746bc318d5c3328be280af515c40ff222"}}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xb68}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x9}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x2}]}, @TIPC_NLA_SOCK={0x20, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xfffffff7}, @TIPC_NLA_SOCK_CON={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x402}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x7}]}]}, @TIPC_NLA_NET={0x20, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x1}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x400}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x2}]}, @TIPC_NLA_LINK={0x70, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xff}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}]}, @TIPC_NLA_SOCK={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x5}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}]}, 0x194}, 0x1, 0x0, 0x0, 0x20008041}, 0x20000000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
prctl$PR_MCE_KILL(0x37, 0x0, 0x0)
r4 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0)
write$selinux_attr(r4, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)
socketpair$unix(0x5, 0x0, 0x0, 0x0)
r5 = socket$inet6(0xa, 0x1, 0x0)
connect$inet6(r5, &(0x7f0000000040)={0xa, 0x2, 0x0, @loopback}, 0x1c)
connect$inet6(0xffffffffffffffff, &(0x7f0000000300)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c)
pipe2$9p(&(0x7f0000000380)={0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
write$P9_RSETATTR(r6, 0x0, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
r8 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r9=>0x0})
sendmsg$nl_route(r7, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=@bridge_dellink={0x2c, 0x11, 0x0, 0x0, 0x0, {0x7, 0x0, 0x0, r9}, [@IFLA_AF_SPEC={0xc, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x5, 0x0, 0x1, {0x4, 0x3}}]}]}, 0x2c}}, 0x0)
connect$inet6(r5, &(0x7f0000001500)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
write$P9_RRENAMEAT(r6, 0x0, 0x0)
write$P9_RWALK(r6, 0x0, 0x0)

2.80836207s ago: executing program 1 (id=9068):
prlimit64(0x0, 0xc, &(0x7f0000000140)={0x8, 0x2}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_getparam(0x0, &(0x7f0000000000))
sched_setscheduler(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fstat(r1, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, <r2=>0x0, <r3=>0x0})
r4 = getegid()
r5 = getgid()
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000040, &(0x7f00000007c0)={[{@errors_remount}, {@nodiscard}, {@noquota}, {@init_itable}, {@stripe={'stripe', 0x3d, 0x79}}, {@resgid={'resgid', 0x3d, r5}}, {@sysvgroups}, {@delalloc}, {@usrquota}]}, 0x10, 0x4d2, &(0x7f00000002c0)="$eJzs3c9rHG8ZAPBnJtlvf+VrUvVQC7bFVtKi3U0a2wYPtYLYU8Fa7zUmmxCyyYbspm1CkRTvCiIqePLkRfAPEKR/gggFvUsVRbTVgwd1ZWdnaxt3m0i3OzX5fGA67zvv7j7P27Az88687ARwaJ2LiJsRMRIRlyJiPN+e5sutdvudzutePH80316SaLXu/jmJJN/W/awkX5+IiJ2IOBoRX70V8Y3kv+M2trZX5mq16kZerzRX1yuNre3Ly6tzS9Wl6trMzPS12euzV2enBtLPiYi48aXff/87P/nyjV989sFv7/3x4jfbaY3l7a/2Y5A6XS9l/xddoxGx8S6CFWAkX5f6tH97ZIjJAACwp/Y5/kcj4lPZ+f94jGRnpwAAAMBB0vrCWPwjiWgBAAAAB1aazYFN0nI+F2As0rRc7szh/XgcT2v1RvMzi/XNtYXOXNmJKKWLy7XqVD5XeCJKSbs+nc+x7dav7KrPRMTJiPje+LGsXp6v1xaKvvgBAAAAh8SJXeP/v41n4/8jRecFAAAADNhE0QkAAAAA75zxPwAAABx8xv8AAABwoH3l9u320uo+/3rh/tbmSv3+5YVqY6W8ujlfnq9vrJeX6vWl7Df7Vvf6vFq9vv65WNt8WGlWG81KY2v73mp9c615b/m1R2ADAAAAQ3Ty7JPfJBGx8/lj2dL2QdFJAUOR7NGePSTkWV753RASAoZmpOgEgMKMFp0AUJhS0QkAhdvrOkDfyTu/HHwuAADAuzH5if73/10bgIMtLToBAGDo3P+Hw6v0+gzAq8VlAhTlI3u0v/39/1brf0oIAAAYuLFsSdJyfi9wLNK0XI74MHssQClZXK5Vp/Lxwa/HS0fa9ensncmec4YBAAAAAAAAAAAAAAAAAAAAAAAAgI5WK4kWAAAAcKBFpH9Isl/zj5gcvzC2+/rAB8nfx7N1RDz40d0fPJxrNjem29v/8nJ784f59itFXMEAAAAAduuO07vjeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYpBfPH813l2HG/dMXI2KiZ/yzR7PV0ShFxPG/JjH6yvuSiBgZQPydxxFxqlf8pJ1WTEQni17xjxUYP42IEwOID4fZk/b+52av718a57J17+/faL68rf77vzS6+7+RPvufD/cZ4/TTn1X6xn8ccXq09/6nGz/pE//8PuN//Wvb2/3aWj+OmOx5/Elei1Vprq5XGlvbl5dX55aqS9W1mZnpa7PXZ6/OTlUWl2vV/N+eMb77yZ//6039P94n/sQe/b+wz/7/8+nD5x/rFEu94l883/v4e6pP/DQ/9n06L7fbJ7vlnU75VWd++qszb+r/Qp/+v/z79zjQtmNe3Gf/L9351rN9vhQAGILG1vbKXK1W3fh/LKTxXqShMJDCkfcjDYVOoeg9EwAAMGj/OekvOhMAAAAAAAAAAAAAAAAAAAA4vIbxc2K7Y+4U01UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDf6dwAAAP//sf7Zeg==")
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000004bc0)=[{{&(0x7f0000000240)=@abs={0x1, 0x0, 0x4e20}, 0x6e, &(0x7f00000004c0)=[{&(0x7f0000000300)="8f28f2fb050400bbaa19b5afed8fdeff75db6bdcef72692a0fb153115e605cb0c2e3dc2ab3aac44d582d7459270c3c5afabc1e7ab3109f62a8672bb61177710c0372d6b149d8dc6f10070238c222cf8b41b8e352b5e504e16050d317e2b8df53984e2d5b8bbd15d44efa3b6edcba67c91941c973351bd0926ce8f70a08b8468422d256185bb118a045a89f6a732aac4d6fd9e2ce1fb68c435e4bd750a9265fc6442fece446f01d71aba9fe69ed98f970c6d76457c564daa9762108d4cd045e5229cc2f4bb037751caa3000e32aeb9d158601f0dec324c165450365c8a8cb0fc975d21b487c2d627a7c5a23", 0xeb}, {&(0x7f0000000840)="e9b9cddb03d5294184e15b33e0de13130c67ec18e86be0159ddebedf79d931365ee235330a2fbe1377d358675986a2b3aefed0befb7dbb0cbc46200e92f7fe9d447aa956d39f3ee5c7391ea24d1deb603d4c5f562beed6560b28e8261ec24c11b93c563ff5dc6c2d561239772f8c88b07562505f421cd8f9527d349520cc4dcfc0456bfd08d86b42ac1d109979bda2b698b1ddfe5d1b76abf79fb0169ce2bc9d852b05e14dac0c0cd0eac7b7c26b8689437a02b28f764f9f9896115f266150aa22255f50351ed7184208074c373f70935ef99dacd3d18ff54b7ba1766b16", 0xde}, {&(0x7f0000000640)="400d97002411ccb54e232bab906b720102d1460f9e2295e476fe45aa61ab54d04587b77ff4aecb02d0635884ca71363a1e936188e886e704efcd0eeca869c773a0a64117a541869a6e23a2c17508b5ed2cfa804994997228667994c80132d683cbd6c3c825336356313db316eb3c6c6f8e2dbb98d4885559d644c2eed48c408dab5e0ce32a3a3d44", 0x88}, {&(0x7f0000000440)}], 0x4, &(0x7f0000000500)=[@cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, r2, r4}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee01, r5}}}], 0x40, 0x24000000}}, {{0x0, 0x0, &(0x7f0000000a80)=[{&(0x7f0000000940)="1970768bb348b154fdd311f7fd2dbb1f419c9cb15b171a077ea143c34b5929c567a88235a298897644fede84c1cbe373eec9b540720d06e91276b055f8d343ee9290feddc66a0b99041f1a5bacb3d16895", 0x51}, {&(0x7f00000009c0)="0f2344e07aa7eec577e71062913080664dfa93bab410937593fd7b8ae1ad828bca33baabc4bf0cbeab132371c378c1ac", 0x30}, {&(0x7f0000000a00)="c60730d1cc9336c79585d6a3d62ade196fbd3a364e8811e50f53489b316d9e0a2a3249f372ca88988feab3bbd9a4018c7b994cb65e7f58e23676a44875b9b4c41a0faf8f94d4528d05bb880fcb1c38185f762ddcd85e8b68ff2ce38fb57e", 0x5e}], 0x3, &(0x7f0000000d40)=ANY=[@ANYBLOB="10000000000000000300000001000000476f734c5f140961067acd55732b6d"], 0x10, 0x10}}, {{&(0x7f0000000b00)=@file={0x1, './file1\x00'}, 0x6e, &(0x7f0000000c80)=[{&(0x7f0000000b80)="037c22855b6e06db8698aa043c72f65856158dc523a1d0c13732a7491268f1b989368893c05b3ad7016b9bf524bd4131fcca18cfdc411965080bfbf4aaf897e939cc2d311ac43333d9c6263183db50984dd72eba97310b364f5b5a345085d0b708", 0x61}, {&(0x7f0000000c00)="5e4e4c6e25615e71cc7baa74ff6fbda65d13b3a7294686eefe599d000322d34c7deea15c51252ece625890fee203cad62dec98a4b31e1280978129b0e07730b4ebc814ee5f1eb9f2e1611be4e158004a00d91161f59737e32f57f6d180db", 0x5e}], 0x2, &(0x7f0000000ec0)=[@cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0, r2, r5}}}, @cred={{0x1c, 0x1, 0x2, {0x0, r2, r3}}}], 0x60, 0x4040000}}, {{0x0, 0x0, &(0x7f00000010c0)=[{&(0x7f0000000fc0)="dbe90cf2b7c16bdda4aa64796ee2d8d924aa44d55c75b672a8d300b6714e580371fbcbd09b8824b5f4", 0x29}, {&(0x7f0000001080)="2e06e8", 0x3}], 0x2, &(0x7f0000001240)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r3}}}, @cred={{0x1c}}], 0x40, 0x4008804}}, {{&(0x7f0000001280)=@abs={0x1, 0x0, 0x4e24}, 0x6e, &(0x7f0000002440), 0x0, 0x0, 0x0, 0x800}}, {{&(0x7f00000024c0)=@file={0x0, './file1\x00'}, 0x6e, &(0x7f0000002840)=[{&(0x7f0000002540)="38afc0a802d23771eda64796e568bf05e71bdda01eea233a432ce8cb490d299f5280f074fcc0a2ac721fe8128079206a31984632e05c55a612bd46c5b24872f803517afc9eb2fc3919eefc147c93609e765ce99deadaab88ad8fe027df090f81a10483f830524c29788f185fceef0f150732d29ca4aa24cf4de212d02d6063be316e9f864f56b2736cba71ec9eee6f279e25c82a2076840eef8ef867d7bc731ac4c826ac250809e1d2bf595b283c83bd641ab49644bcb4a23b033c0d8192272e605dadebfeae", 0xc6}, {&(0x7f0000000cc0)="0ac6686b488318e14254d7bf3abb9d2ee3aa95a459f0e768ea8777a894ade8b5065f722ad5c82b7a8724e29a24662acca0a3b176dbcc1b29c61c4896f2ed52008189e4309b742a6e3db6a2df6cd63f7f8ad0850a82cffe7639e74475210249f97850fe0ac8201c8ac773bf97bd94f1546f0c5c8418b976aec269", 0x7a}, {0x0}, {&(0x7f0000002700)="389056d92390b63e2ea7bfc345b62a3f38381e043cb7e01f59de6a64b4f0fd89646168034e6b2f27", 0x28}, {&(0x7f0000002740)="5f71e0769c06800ab649d4b699d6100abd0452a25f6752bb07d35378b8525347f3577d340a0cbad38f043da9b40f2d26ddb1c9b1dc93c9d7761e750adae6920edc630af573867d3a80af2f1dcd6e7dad76168bf728e945f1de323d26fe1a65e4fd7b746bd94b19bedfd5b17b7526123b455f2ef80e04a26043e6b98a425d29", 0x7f}, {&(0x7f0000002800)="3ac5a64a7ddd9fc1d5a917b43d9d7388fe63e417510de75352ba529f8aaf5006227f984f64f1f8cf5c3df3478c76cd8b", 0x30}], 0x6}}], 0x6, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r7, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x70, 0x4)
bind$inet(r7, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r7, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendfile(r1, 0xffffffffffffffff, &(0x7f0000000040), 0x5)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000c80)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$sock_int(r7, 0x1, 0x8, &(0x7f0000000600)=0x1801, 0x4)
sendto$inet(r7, &(0x7f0000000700), 0x0, 0x40040, 0x0, 0x0)

2.754443115s ago: executing program 3 (id=9069):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000001000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008180000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='workqueue_queue_work\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

2.513535184s ago: executing program 3 (id=9070):
r0 = socket$nl_route(0x10, 0x3, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket(0xa, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xfffffc52)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r3}, 0x10)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000040))
mremap(&(0x7f0000097000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f0000bff000/0x400000)=nil)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000180), 0x4)
madvise(&(0x7f00000d9000/0x2000)=nil, 0x2000, 0x14)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000340)={0x0, 0x0, <r4=>0x0}, &(0x7f0000000300)=0xc)
setresgid(0x0, 0x0, r4)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000500)={{'fd', 0x3d, r5}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0)
statx(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000080))
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
socket$inet_udplite(0x2, 0x2, 0x88)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
pselect6(0x40, &(0x7f0000004580), &(0x7f0000004e00)={0x3ff}, 0x0, 0x0, 0x0)
r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000001c0)={'bridge0\x00'})

2.293800852s ago: executing program 4 (id=9071):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x1, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x1)
recvmmsg(r2, &(0x7f0000000740)=[{{&(0x7f00000005c0)=@tipc, 0x80, &(0x7f0000000400)=[{0x0}, {&(0x7f0000000640)=""/251, 0xfb}], 0x2}}], 0x1, 0x2, 0x0)
r4 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
lseek(r4, 0x200, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='sys_enter\x00', r5}, 0x10)
waitid$P_PIDFD(0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$int_in(r6, 0x5452, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}, {@metacopy_on}], [], 0x2c})
r7 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
openat(r7, &(0x7f0000000080)='./file3\x00', 0x0, 0x0)

2.017768575s ago: executing program 0 (id=9072):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x2, 0x4, 0x5}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r2}, &(0x7f0000000b00), &(0x7f0000000300)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x2, 0x3, &(0x7f0000000440)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=@newlink={0x2c, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_XDP={0x4}, @IFLA_GROUP={0x8}]}, 0x2c}}, 0x0)

1.685675432s ago: executing program 1 (id=9073):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='hrtimer_init\x00', r0}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)

1.650647765s ago: executing program 1 (id=9074):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x1, 0x6, 0xf1, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x1a, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000da33137ec92ce5a1fb663b657a6bdc3832907283ee4671fd2316663813f0e6607c141bf2f1632a5f1a9ca7fa4f3a5f64ba832d7bbab5f042206a6e100b16b9161d2904916f101f11d9e5b0df9b8f52089af35207230241ba4af35f53"], &(0x7f0000000340)='syzkaller\x00', 0x1, 0xc5, &(0x7f0000000180)=""/197, 0x0, 0x0, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x64}, 0x80)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x5, 0x2, 0x4}, 0x48)
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000002240)='./file0\x00', 0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="73686f72746e616d653d77696e6e742c666c7573682c646d61736b3d30303030303030303030303030303030303137373737372c73686f72746e616d653d77696e39352c636865636b3d7374726963742c73686f72746e616d653d6d697865642c6e6f6e756d7461696c3d302c757466383d312c73686f72746e616d653d77696e6e742c756e695f786c6174653d312c756e695f786c6174653d312c726f6469722c696f636861727365743d757466382c666d61736b3d30303030303030303030303030303030303030303030342c646d61736b3d30303030303030303030303030303030303030303030372c757466383d312c726f6469722c73686f72746e616d653d77696e39352c726f6469722c00743ccfec81d6c7d05b0f2a54ddce151ec4cbbaacb9552647fd950fedfdc024b3953e7669bc9d4f66e3beaecb80fe73633280b1d3e82023d4f5c7f5a4989406c0f0d0cf537f132dc1e63d84a17532cb78ae7a368bc0029207b9b166705972f4e8dad041e6be170bf43057b456d43f100c53b471aa6c8e3751", @ANYRES16], 0x1, 0x2b8, &(0x7f0000001080)="$eJzs3T2LY1UYAOD3JpkkuxZJYSWCF7SwWna2tckgWVhMpaRQCx3cXZAkCLsw4CgGK1sbS3+BINj5J2wEf4DgD7BzioEjN7mXZGbyMUEz48fzFJl37jnvPe85OcwHwz3z4cuT0eM8nn75+a/RbmdR60UvzrLoRi0qKaUUC72vAwD4NztLKX5Pc9dM6RUvWUS091saALAnO3///2HvJQEAe/bOu++9dTQY9N/O83Y8nHx1Mix+sy8+ztuPnsbHMY4ncT86cT7/W0D100Lx+jClNG3khW68NpmeDIvMyQc/lfc/qgY6jE50Z9HF/EeD/mE+t5Q/Leq4W47fK8Z/EJ14ccX4jwb9ByvyY9iM119dqv9edOLnj+KTGMfjWRGL/C8O8/zN9M0fn71flFfkZ9OTYWvWbyHVb+5dAQAAAAAAAAAAAAAAAAAAAADgv+5eeXZOK2bn9xSXyvN36ufFJweRV7oXz+eZ52fVjS6dDzRN8W1KrUbEoH8/z/NUdlzkN+KlRjRuZ9YAAAAAAAAAAAAAAAAAAADwz/L809PR8Xj85NmK4Je7EWua1gTVaQDVY/1bsurrmnpLV16J09Fxa/0Nl5pqZbhh0KhXfbKIjdMpJrHL3P9CcGddzd99v+sN29v7HGxan78nqHbX6DhbvYatqK60q/f0x+U+zbjmWM11TWn79lsKmiubOjvPvfnCLJhu6BPZpsLe+G2+cuWV7PIsmrNVXZl+UAZL6Zf2xk77+erXisxpHQAAAAAAAAAAAAAAAAAAsFeLh36vNN3ZklpLrb2VBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3avH//3cIpmXyNTo349nzW54iAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/wN/BgAA//+kKlw+")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x3ffffffffffffda, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0xb8)
pipe2$9p(&(0x7f0000000240)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r6, &(0x7f0000000080)=ANY=[], 0xfffffffffffffda4)
r7 = dup(r6)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000440)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r7}})
r8 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r8, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x3, 0x3, 0x3}, 0x10)
socket$tipc(0x1e, 0x2, 0x0)

1.621252108s ago: executing program 3 (id=9075):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x6, 0x8, 0xb}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
sendmmsg$unix(r1, &(0x7f0000004080)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r0], 0x18}}], 0x1, 0x0)
r4 = dup3(r1, r0, 0x0)
connect$unix(r4, &(0x7f0000000100)=@abs={0x1}, 0x6e)

1.542290794s ago: executing program 3 (id=9076):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000c80)=ANY=[@ANYBLOB="12010000000000406d0422c2000000000001090224000100000000090400000103000000092100000001220b0009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x52)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='signal_deliver\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x52)
getrlimit(0xb, &(0x7f0000000040))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r2}, 0x10)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
syz_usb_control_io(r0, &(0x7f00000005c0)={0x2c, &(0x7f0000000300)={0x40, 0x10, 0x14, {0x14, 0x9, "b9c648cd64e488dce9ef3d58bab9d885af6d"}}, &(0x7f0000000340)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0xef4475c06f253db5}}, &(0x7f0000000500)={0x0, 0xf, 0x3b, {0x5, 0xf, 0x3b, 0x3, [@ss_container_id={0x14, 0x10, 0x4, 0x6d, "508e938f47dcbd86a1863358632b300d"}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0x7, 0x5, 0x7, 0xd}, @ssp_cap={0x18, 0x10, 0xa, 0xdf, 0x3, 0x8, 0xf00, 0x0, [0xff3f00, 0xff0000, 0x3f00]}]}}, &(0x7f0000000400)={0x20, 0x29, 0xf, {0xf, 0x29, 0x6, 0x8, 0x9, 0x8, "143eff20", "e4d29662"}}, &(0x7f0000000580)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x9, 0x3, 0xb5, 0x7, 0x42, 0x89f6, 0x8}}}, &(0x7f0000000d00)={0x84, &(0x7f0000000600)={0x0, 0x13, 0x67, "9955c13e52a630dcbb9df950a988eff0027a8865d42d462ccf0addfcab244dfe056149efbf196645beb9c5e3bf5711b1fc46b8270009857281461b0f90b7960fc9050b33a3a3fef0f725f89ba6a7b3c1e384bb1d0f71404b411c050ee1ea49f0059b7cee9e9632"}, &(0x7f0000000680)={0x0, 0xa, 0x1, 0x8}, &(0x7f00000006c0)={0x0, 0x8, 0x1, 0x6}, &(0x7f0000000740)={0x20, 0x0, 0x4}, &(0x7f0000000780)={0x20, 0x0, 0x8, {0x160, 0x10, [0x1e000]}}, &(0x7f00000007c0)={0x40, 0x7, 0x2, 0x5000}, &(0x7f0000000a40)={0x40, 0x9, 0x1, 0x4}, &(0x7f0000000a80)={0x40, 0xb, 0x2, "9fbe"}, &(0x7f0000000ac0)={0x40, 0xf, 0x2, 0xffb1}, &(0x7f0000000b00)={0x40, 0x13, 0x6, @multicast}, &(0x7f0000000b40)={0x40, 0x17, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xc}}, &(0x7f0000000b80)={0x40, 0x19, 0x2, "8552"}, &(0x7f0000000bc0)={0x40, 0x1a, 0x2, 0x7}, &(0x7f0000000c00)={0x40, 0x1c, 0x1}, &(0x7f0000000c40)={0x40, 0x1e, 0x1, 0xb6}, &(0x7f0000000cc0)={0x40, 0x21, 0x1}})
epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r6, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000940)=@newqdisc={0x78, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x4c, 0x2, [@TCA_TBF_RATE64={0xc, 0x4, 0x4e1e2563543d84f9}, @TCA_TBF_PBURST={0x8, 0x7, 0x1cdf}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x0, 0x2, 0x0, 0xffff, 0x0, 0x3}, 0x766c, 0x81}}, @TCA_TBF_PRATE64={0xc, 0x5, 0xcb59372f370e8465}]}}]}, 0x78}}, 0x0)
bind$packet(r3, &(0x7f0000000040)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @remote}, 0x14)
sendto$inet6(r3, &(0x7f0000000800)="4103082c1116480401020200c52cf7c25975e005b02f000006892f000300897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305fbe258161b6fd8f2428652265d94c6fdbaefc57376a57c2feffff188be9427c323ef024a37016d2a7f9ab6e7941a6fc4f95aa73c1dfff4941f6503b5bd8c91db22cd33795481c94085fa12cdc679ac2a5d7b5d99b93fb07acb0da680e78b74c74aae8d7690d5986a9af81622a0ac210bc7b5ca5fed11cb54d046642670041e846bb184ff5d39fe8516d2d2a8d84e6e7dfcb2b8a8023444db513a3d7a124b59f0a5cd36489dbbb75cce3145d0ea3c3aa21af7cbcbc7a7575db782e757ca543109f5ddcec4930aa91f4119ea3d1f56140cb86cfe0724b23904ef5d05c725ee23918a502b1afe09fb0757d", 0xfc13, 0x880, 0x0, 0xfffffffffffffef0)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r7}, 0x10)
syz_usb_control_io$hid(r0, &(0x7f0000000380)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0xc, {[@main=@item_4={0x3, 0x0, 0x8}, @global=@item_012={0x1, 0x1, 0x0, "03"}, @main=@item_4={0x3, 0x0, 0x0, "b53648c8"}]}}, 0x0}, 0x0)

1.421043784s ago: executing program 2 (id=9077):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000107000000000000000000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r1}, 0x10)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

1.35164442s ago: executing program 4 (id=9078):
prlimit64(0x0, 0xc, &(0x7f0000000140)={0x8}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_getparam(0x0, &(0x7f0000000000))
sched_setscheduler(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fstat(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, <r2=>0x0, <r3=>0x0})
r4 = getgid()
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000040, &(0x7f00000007c0)={[{@errors_remount}, {@nodiscard}, {@noquota}, {@init_itable}, {@stripe={'stripe', 0x3d, 0x79}}, {@resgid={'resgid', 0x3d, r4}}, {@sysvgroups}, {@delalloc}, {@usrquota}]}, 0x10, 0x4d2, &(0x7f00000002c0)="$eJzs3c9rHG8ZAPBnJtlvf+VrUvVQC7bFVtKi3U0a2wYPtYLYU8Fa7zUmmxCyyYbspm1CkRTvCiIqePLkRfAPEKR/gggFvUsVRbTVgwd1ZWdnaxt3m0i3OzX5fGA67zvv7j7P27Az88687ARwaJ2LiJsRMRIRlyJiPN+e5sutdvudzutePH80316SaLXu/jmJJN/W/awkX5+IiJ2IOBoRX70V8Y3kv+M2trZX5mq16kZerzRX1yuNre3Ly6tzS9Wl6trMzPS12euzV2enBtLPiYi48aXff/87P/nyjV989sFv7/3x4jfbaY3l7a/2Y5A6XS9l/xddoxGx8S6CFWAkX5f6tH97ZIjJAACwp/Y5/kcj4lPZ+f94jGRnpwAAAMBB0vrCWPwjiWgBAAAAB1aazYFN0nI+F2As0rRc7szh/XgcT2v1RvMzi/XNtYXOXNmJKKWLy7XqVD5XeCJKSbs+nc+x7dav7KrPRMTJiPje+LGsXp6v1xaKvvgBAAAAh8SJXeP/v41n4/8jRecFAAAADNhE0QkAAAAA75zxPwAAABx8xv8AAABwoH3l9u320uo+/3rh/tbmSv3+5YVqY6W8ujlfnq9vrJeX6vWl7Df7Vvf6vFq9vv65WNt8WGlWG81KY2v73mp9c615b/m1R2ADAAAAQ3Ty7JPfJBGx8/lj2dL2QdFJAUOR7NGePSTkWV753RASAoZmpOgEgMKMFp0AUJhS0QkAhdvrOkDfyTu/HHwuAADAuzH5if73/10bgIMtLToBAGDo3P+Hw6v0+gzAq8VlAhTlI3u0v/39/1brf0oIAAAYuLFsSdJyfi9wLNK0XI74MHssQClZXK5Vp/Lxwa/HS0fa9ensncmec4YBAAAAAAAAAAAAAAAAAAAAAAAAgI5WK4kWAAAAcKBFpH9Isl/zj5gcvzC2+/rAB8nfx7N1RDz40d0fPJxrNjem29v/8nJ784f59itFXMEAAAAAduuO07vjeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYpBfPH813l2HG/dMXI2KiZ/yzR7PV0ShFxPG/JjH6yvuSiBgZQPydxxFxqlf8pJ1WTEQni17xjxUYP42IEwOID4fZk/b+52av718a57J17+/faL68rf77vzS6+7+RPvufD/cZ4/TTn1X6xn8ccXq09/6nGz/pE//8PuN//Wvb2/3aWj+OmOx5/Elei1Vprq5XGlvbl5dX55aqS9W1mZnpa7PXZ6/OTlUWl2vV/N+eMb77yZ//6039P94n/sQe/b+wz/7/8+nD5x/rFEu94l883/v4e6pP/DQ/9n06L7fbJ7vlnU75VWd++qszb+r/Qp/+v/z79zjQtmNe3Gf/L9351rN9vhQAGILG1vbKXK1W3fh/LKTxXqShMJDCkfcjDYVOoeg9EwAAMGj/OekvOhMAAAAAAAAAAAAAAAAAAAA4vIbxc2K7Y+4U01UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDf6dwAAAP//sf7Zeg==")
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000004bc0)=[{{&(0x7f0000000240)=@abs={0x1, 0x0, 0x4e20}, 0x6e, &(0x7f00000004c0)=[{&(0x7f0000000300)="8f28f2fb050400bbaa19b5afed8fdeff75db6bdcef72692a0fb153115e605cb0c2e3dc2ab3aac44d582d7459270c3c5afabc1e7ab3109f62a8672bb61177710c0372d6b149d8dc6f10070238c222cf8b41b8e352b5e504e16050d317e2b8df53984e2d5b8bbd15d44efa3b6edcba67c91941c973351bd0926ce8f70a08b8468422d256185bb118a045a89f6a732aac4d6fd9e2ce1fb68c435e4bd750a9265fc6442fece446f01d71aba9fe69ed98f970c6d76457c564daa9762108d4cd045e5229cc2f4bb037751caa3000e32aeb9d158601f0dec324c165450365c8a8cb0fc975d21b487c2d627a7c5a23", 0xeb}, {&(0x7f0000000840)="e9b9cddb03d5294184e15b33e0de13130c67ec18e86be0159ddebedf79d931365ee235330a2fbe1377d358675986a2b3aefed0befb7dbb0cbc46200e92f7fe9d447aa956d39f3ee5c7391ea24d1deb603d4c5f562beed6560b28e8261ec24c11b93c563ff5dc6c2d561239772f8c88b07562505f421cd8f9527d349520cc4dcfc0456bfd08d86b42ac1d109979bda2b698b1ddfe5d1b76abf79fb0169ce2bc9d852b05e14dac0c0cd0eac7b7c26b8689437a02b28f764f9f9896115f266150aa22255f50351ed7184208074c373f70935ef99dacd3d18ff54b7ba1766b16", 0xde}, {&(0x7f0000000640)="400d97002411ccb54e232bab906b720102d1460f9e2295e476fe45aa61ab54d04587b77ff4aecb02d0635884ca71363a1e936188e886e704efcd0eeca869c773a0a64117a541869a6e23a2c17508b5ed2cfa804994997228667994c80132d683cbd6c3c825336356313db316eb3c6c6f8e2dbb98d4885559d644c2eed48c408dab5e0ce32a3a3d44", 0x88}, {&(0x7f0000000440)}], 0x4, &(0x7f0000000500)=[@cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, r2}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee01, r4}}}], 0x40, 0x24000000}}, {{0x0, 0x0, &(0x7f0000000a80)=[{&(0x7f0000000940)="1970768bb348b154fdd311f7fd2dbb1f419c9cb15b171a077ea143c34b5929c567a88235a298897644fede84c1cbe373eec9b540720d06e91276b055f8d343ee9290feddc66a0b99041f1a5bacb3d16895", 0x51}, {0x0}, {&(0x7f0000000a00)="c60730d1cc9336c79585d6a3d62ade196fbd3a364e8811e50f53489b316d9e0a2a3249f372ca88988feab3bbd9a4018c7b994cb65e7f58e23676a44875b9b4c41a0faf8f94d4528d05bb880fcb1c38185f762ddcd85e8b68ff2ce38fb57e", 0x5e}], 0x3, &(0x7f0000000d40)=ANY=[@ANYBLOB="10000000000000000300000001000000476f734c5f140961067acd55732b6d"], 0x10, 0x10}}, {{&(0x7f0000000b00)=@file={0x1, './file1\x00'}, 0x6e, 0x0, 0x0, &(0x7f0000000ec0)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r3}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r3}}}, @cred={{0x1c, 0x1, 0x2, {0x0, r2, r4}}}, @cred={{0x1c, 0x1, 0x2, {0x0, r2, r3}}}], 0x80, 0x4040000}}, {{0x0, 0x0, &(0x7f00000010c0)=[{&(0x7f0000000fc0)="dbe90cf2b7c16bdda4aa64796ee2d8d924aa44d55c75b672a8d300b6714e580371fbcbd0", 0x24}, {&(0x7f0000001080)="2e06e8", 0x3}], 0x2, &(0x7f0000001240)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r3}}}, @cred={{0x1c}}], 0x40, 0x4008804}}, {{&(0x7f0000001280)=@abs={0x1, 0x0, 0x4e24}, 0x6e, &(0x7f0000002440), 0x0, 0x0, 0x0, 0x800}}, {{&(0x7f00000024c0)=@file={0x0, './file1\x00'}, 0x6e, &(0x7f0000002840)=[{&(0x7f0000002540)="38afc0a802d23771eda64796e568bf05e71bdda01eea233a432ce8cb490d299f5280f074fcc0a2ac721fe8128079206a31984632e05c55a612bd46c5b24872f803517afc9eb2fc3919eefc147c93609e765ce99deadaab88ad8fe027df090f81a10483f830524c29788f185fceef0f150732d29ca4aa24cf4de212d02d6063be316e9f864f56b2736cba71ec9eee6f279e25c82a2076840eef8ef867d7bc731ac4c826ac250809e1d2bf595b283c83bd641ab49644bcb4a23b033c0d8192272e605dadebfeae", 0xc6}, {&(0x7f0000000cc0)="0ac6686b488318e14254d7bf3abb9d2ee3aa95a459f0e768ea8777a894ade8b5065f722ad5c82b7a8724e29a24662acca0a3b176dbcc1b29c61c4896f2ed52008189e4309b742a6e3db6a2df6cd63f7f8ad0850a82cffe7639e74475210249f97850fe0ac8201c8ac773bf97bd94f1546f0c5c8418b976aec269", 0x7a}, {&(0x7f0000002700)}, {&(0x7f0000002740)="5f71e0769c06800ab649d4b699d6100abd0452a25f6752bb07d35378b8525347f3577d340a0cbad38f043da9b40f2d26ddb1c9b1dc93c9d7761e750adae6920edc630af573867d3a80af2f1dcd6e7dad76168bf728e945f1de323d26fe1a65e4fd7b746bd94b19bedfd5b17b7526123b455f2ef80e04a26043e6b98a425d29", 0x7f}, {&(0x7f0000002800)="3ac5a64a7ddd9fc1d5a917b43d9d7388fe63e417510de75352ba529f8aaf5006227f984f64f1f8cf5c3df3478c76cd8b", 0x30}], 0x5}}], 0x6, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0)
r6 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r6, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x70, 0x4)
bind$inet(r6, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10)
sendto$inet(r6, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendfile(r1, 0xffffffffffffffff, &(0x7f0000000040), 0x5)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000c80)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$sock_int(r6, 0x1, 0x8, &(0x7f0000000600)=0x1801, 0x4)
sendto$inet(r6, &(0x7f0000000700)="09268a60fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88ff4f90b1a7511bf746bec66ba1fe92e8615fc3f7af9c3310b39cc2dc3616dcdfaebc65ca325fd99357ed9d11b266a7c88722db6e38df1089394f438cb9fbc08e62754c233cced4a4d4d05a3e5029a01298d3ee87d8a0803a2d26906f42f5b5aaf47d2752a8b23954f309cae13ef250cf76775ddfd153eef2b1a8458a3cb6dc764f19b41c8c61c7305a51a4bfa0c897c7c1f438a851222a5560c0e77b0b5934296bc6f28af87d651f7348a2ba2ca67f930cc655afe0220cbeb79a2a87bba6be2de3e756e674c405bcc51843b4cc75ff7ec38a34d1a2a61f0a1223e69484b5d922b5590758c33317df18c401ff910f9b3f0eaef8b9d928392097a025b0459", 0xfe6a, 0x40040, 0x0, 0xfffffffffffffe93)

620.961149ms ago: executing program 0 (id=9079):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r1}, 0x10)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

547.928765ms ago: executing program 1 (id=9080):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000001000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008180000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='workqueue_queue_work\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

524.202007ms ago: executing program 0 (id=9081):
prlimit64(0x0, 0xc, &(0x7f0000000140)={0x8}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_getparam(0x0, &(0x7f0000000000))
sched_setscheduler(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fstat(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, <r2=>0x0, <r3=>0x0})
r4 = getgid()
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000040, &(0x7f00000007c0)={[{@errors_remount}, {@nodiscard}, {@noquota}, {@init_itable}, {@stripe={'stripe', 0x3d, 0x79}}, {@resgid={'resgid', 0x3d, r4}}, {@sysvgroups}, {@delalloc}, {@usrquota}]}, 0x10, 0x4d2, &(0x7f00000002c0)="$eJzs3c9rHG8ZAPBnJtlvf+VrUvVQC7bFVtKi3U0a2wYPtYLYU8Fa7zUmmxCyyYbspm1CkRTvCiIqePLkRfAPEKR/gggFvUsVRbTVgwd1ZWdnaxt3m0i3OzX5fGA67zvv7j7P27Az88687ARwaJ2LiJsRMRIRlyJiPN+e5sutdvudzutePH80316SaLXu/jmJJN/W/awkX5+IiJ2IOBoRX70V8Y3kv+M2trZX5mq16kZerzRX1yuNre3Ly6tzS9Wl6trMzPS12euzV2enBtLPiYi48aXff/87P/nyjV989sFv7/3x4jfbaY3l7a/2Y5A6XS9l/xddoxGx8S6CFWAkX5f6tH97ZIjJAACwp/Y5/kcj4lPZ+f94jGRnpwAAAMBB0vrCWPwjiWgBAAAAB1aazYFN0nI+F2As0rRc7szh/XgcT2v1RvMzi/XNtYXOXNmJKKWLy7XqVD5XeCJKSbs+nc+x7dav7KrPRMTJiPje+LGsXp6v1xaKvvgBAAAAh8SJXeP/v41n4/8jRecFAAAADNhE0QkAAAAA75zxPwAAABx8xv8AAABwoH3l9u320uo+/3rh/tbmSv3+5YVqY6W8ujlfnq9vrJeX6vWl7Df7Vvf6vFq9vv65WNt8WGlWG81KY2v73mp9c615b/m1R2ADAAAAQ3Ty7JPfJBGx8/lj2dL2QdFJAUOR7NGePSTkWV753RASAoZmpOgEgMKMFp0AUJhS0QkAhdvrOkDfyTu/HHwuAADAuzH5if73/10bgIMtLToBAGDo3P+Hw6v0+gzAq8VlAhTlI3u0v/39/1brf0oIAAAYuLFsSdJyfi9wLNK0XI74MHssQClZXK5Vp/Lxwa/HS0fa9ensncmec4YBAAAAAAAAAAAAAAAAAAAAAAAAgI5WK4kWAAAAcKBFpH9Isl/zj5gcvzC2+/rAB8nfx7N1RDz40d0fPJxrNjem29v/8nJ784f59itFXMEAAAAAduuO07vjeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYpBfPH813l2HG/dMXI2KiZ/yzR7PV0ShFxPG/JjH6yvuSiBgZQPydxxFxqlf8pJ1WTEQni17xjxUYP42IEwOID4fZk/b+52av718a57J17+/faL68rf77vzS6+7+RPvufD/cZ4/TTn1X6xn8ccXq09/6nGz/pE//8PuN//Wvb2/3aWj+OmOx5/Elei1Vprq5XGlvbl5dX55aqS9W1mZnpa7PXZ6/OTlUWl2vV/N+eMb77yZ//6039P94n/sQe/b+wz/7/8+nD5x/rFEu94l883/v4e6pP/DQ/9n06L7fbJ7vlnU75VWd++qszb+r/Qp/+v/z79zjQtmNe3Gf/L9351rN9vhQAGILG1vbKXK1W3fh/LKTxXqShMJDCkfcjDYVOoeg9EwAAMGj/OekvOhMAAAAAAAAAAAAAAAAAAAA4vIbxc2K7Y+4U01UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDf6dwAAAP//sf7Zeg==")
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000004bc0)=[{{&(0x7f0000000240)=@abs={0x1, 0x0, 0x4e20}, 0x6e, &(0x7f00000004c0)=[{&(0x7f0000000300)="8f28f2fb050400bbaa19b5afed8fdeff75db6bdcef72692a0fb153115e605cb0c2e3dc2ab3aac44d582d7459270c3c5afabc1e7ab3109f62a8672bb61177710c0372d6b149d8dc6f10070238c222cf8b41b8e352b5e504e16050d317e2b8df53984e2d5b8bbd15d44efa3b6edcba67c91941c973351bd0926ce8f70a08b8468422d256185bb118a045a89f6a732aac4d6fd9e2ce1fb68c435e4bd750a9265fc6442fece446f01d71aba9fe69ed98f970c6d76457c564daa9762108d4cd045e5229cc2f4bb037751caa3000e32aeb9d158601f0dec324c165450365c8a8cb0fc975d21b487c2d627a7c5a23", 0xeb}, {&(0x7f0000000840)="e9b9cddb03d5294184e15b33e0de13130c67ec18e86be0159ddebedf79d931365ee235330a2fbe1377d358675986a2b3aefed0befb7dbb0cbc46200e92f7fe9d447aa956d39f3ee5c7391ea24d1deb603d4c5f562beed6560b28e8261ec24c11b93c563ff5dc6c2d561239772f8c88b07562505f421cd8f9527d349520cc4dcfc0456bfd08d86b42ac1d109979bda2b698b1ddfe5d1b76abf79fb0169ce2bc9d852b05e14dac0c0cd0eac7b7c26b8689437a02b28f764f9f9896115f266150aa22255f50351ed7184208074c373f70935ef99dacd3d18ff54b7ba1766b16", 0xde}, {&(0x7f0000000640)="400d97002411ccb54e232bab906b720102d1460f9e2295e476fe45aa61ab54d04587b77ff4aecb02d0635884ca71363a1e936188e886e704efcd0eeca869c773a0a64117a541869a6e23a2c17508b5ed2cfa804994997228667994c80132d683cbd6c3c825336356313db316eb3c6c6f8e2dbb98d4885559d644c2eed48c408dab5e0ce32a3a3d44", 0x88}, {&(0x7f0000000440)}], 0x4, &(0x7f0000000500)=[@cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, r2}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee01, r4}}}], 0x40, 0x24000000}}, {{0x0, 0x0, &(0x7f0000000a80)=[{&(0x7f0000000940)="1970768bb348b154fdd311f7fd2dbb1f419c9cb15b171a077ea143c34b5929c567a88235a298897644fede84c1cbe373eec9b540720d06e91276b055f8d343ee9290feddc66a0b99041f1a5bacb3d16895", 0x51}, {0x0}, {&(0x7f0000000a00)="c60730d1cc9336c79585d6a3d62ade196fbd3a364e8811e50f53489b316d9e0a2a3249f372ca88988feab3bbd9a4018c7b994cb65e7f58e23676a44875b9b4c41a0faf8f94d4528d05bb880fcb1c38185f762ddcd85e8b68ff2ce38fb57e", 0x5e}], 0x3, &(0x7f0000000d40)=ANY=[@ANYBLOB="10000000000000000300000001000000476f734c5f140961067acd55732b6d"], 0x10, 0x10}}, {{&(0x7f0000000b00)=@file={0x1, './file1\x00'}, 0x6e, 0x0, 0x0, &(0x7f0000000ec0)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r3}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r3}}}, @cred={{0x1c, 0x1, 0x2, {0x0, r2, r4}}}, @cred={{0x1c, 0x1, 0x2, {0x0, r2, r3}}}], 0x80, 0x4040000}}, {{0x0, 0x0, &(0x7f00000010c0)=[{&(0x7f0000000fc0)="dbe90cf2b7c16bdda4aa64796ee2d8d924aa44d55c75b672a8d300b6714e580371fbcbd0", 0x24}, {&(0x7f0000001080)="2e06e8", 0x3}], 0x2, &(0x7f0000001240)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r3}}}, @cred={{0x1c}}], 0x40, 0x4008804}}, {{&(0x7f0000001280)=@abs={0x1, 0x0, 0x4e24}, 0x6e, &(0x7f0000002440), 0x0, 0x0, 0x0, 0x800}}, {{&(0x7f00000024c0)=@file={0x0, './file1\x00'}, 0x6e, &(0x7f0000002840)=[{&(0x7f0000002540)="38afc0a802d23771eda64796e568bf05e71bdda01eea233a432ce8cb490d299f5280f074fcc0a2ac721fe8128079206a31984632e05c55a612bd46c5b24872f803517afc9eb2fc3919eefc147c93609e765ce99deadaab88ad8fe027df090f81a10483f830524c29788f185fceef0f150732d29ca4aa24cf4de212d02d6063be316e9f864f56b2736cba71ec9eee6f279e25c82a2076840eef8ef867d7bc731ac4c826ac250809e1d2bf595b283c83bd641ab49644bcb4a23b033c0d8192272e605dadebfeae", 0xc6}, {&(0x7f0000000cc0)="0ac6686b488318e14254d7bf3abb9d2ee3aa95a459f0e768ea8777a894ade8b5065f722ad5c82b7a8724e29a24662acca0a3b176dbcc1b29c61c4896f2ed52008189e4309b742a6e3db6a2df6cd63f7f8ad0850a82cffe7639e74475210249f97850fe0ac8201c8ac773bf97bd94f1546f0c5c8418b976aec269", 0x7a}, {&(0x7f0000002700)}, {&(0x7f0000002740)="5f71e0769c06800ab649d4b699d6100abd0452a25f6752bb07d35378b8525347f3577d340a0cbad38f043da9b40f2d26ddb1c9b1dc93c9d7761e750adae6920edc630af573867d3a80af2f1dcd6e7dad76168bf728e945f1de323d26fe1a65e4fd7b746bd94b19bedfd5b17b7526123b455f2ef80e04a26043e6b98a425d29", 0x7f}, {&(0x7f0000002800)="3ac5a64a7ddd9fc1d5a917b43d9d7388fe63e417510de75352ba529f8aaf5006227f984f64f1f8cf5c3df3478c76cd8b", 0x30}], 0x5}}], 0x6, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0)
r6 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r6, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x70, 0x4)
bind$inet(r6, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10)
sendto$inet(r6, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendfile(r1, 0xffffffffffffffff, &(0x7f0000000040), 0x5)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000c80)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$sock_int(r6, 0x1, 0x8, &(0x7f0000000600)=0x1801, 0x4)
sendto$inet(r6, &(0x7f0000000700)="09268a60fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88ff4f90b1a7511bf746bec66ba1fe92e8615fc3f7af9c3310b39cc2dc3616dcdfaebc65ca325fd99357ed9d11b266a7c88722db6e38df1089394f438cb9fbc08e62754c233cced4a4d4d05a3e5029a01298d3ee87d8a0803a2d26906f42f5b5aaf47d2752a8b23954f309cae13ef250cf76775ddfd153eef2b1a8458a3cb6dc764f19b41c8c61c7305a51a4bfa0c897c7c1f438a851222a5560c0e77b0b5934296bc6f28af87d651f7348a2ba2ca67f930cc655afe0220cbeb79a2a87bba6be2de3e756e674c405bcc51843b4cc75ff7ec38a34d1a2a61f0a1223e69484b5d922b5590758c33317df18c401ff910f9b3f0eaef8b9d928392097a025b0459", 0xfe6a, 0x40040, 0x0, 0xfffffffffffffe93)

490.68625ms ago: executing program 2 (id=9082):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_udp_encap(0xffffffffffffffff, 0x11, 0x64, &(0x7f00000003c0)=0x3, 0x4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x12, 0x4, 0x8, 0x8}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
bind$inet6(r0, &(0x7f0000000280)={0xa, 0x2, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
listen(r0, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)
connect$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x2, @local}, 0x10)
accept4$inet6(r0, 0x0, 0x0, 0x0)

327.889513ms ago: executing program 1 (id=9083):
prlimit64(0x0, 0xc, &(0x7f0000000140)={0x8, 0x2}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_getparam(0x0, &(0x7f0000000000))
sched_setscheduler(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fstat(r1, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, <r2=>0x0, <r3=>0x0})
r4 = getegid()
r5 = getgid()
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000040, &(0x7f00000007c0)={[{@errors_remount}, {@nodiscard}, {@noquota}, {@init_itable}, {@stripe={'stripe', 0x3d, 0x79}}, {@resgid={'resgid', 0x3d, r5}}, {@sysvgroups}, {@delalloc}, {@usrquota}]}, 0x10, 0x4d2, &(0x7f00000002c0)="$eJzs3c9rHG8ZAPBnJtlvf+VrUvVQC7bFVtKi3U0a2wYPtYLYU8Fa7zUmmxCyyYbspm1CkRTvCiIqePLkRfAPEKR/gggFvUsVRbTVgwd1ZWdnaxt3m0i3OzX5fGA67zvv7j7P27Az88687ARwaJ2LiJsRMRIRlyJiPN+e5sutdvudzutePH80316SaLXu/jmJJN/W/awkX5+IiJ2IOBoRX70V8Y3kv+M2trZX5mq16kZerzRX1yuNre3Ly6tzS9Wl6trMzPS12euzV2enBtLPiYi48aXff/87P/nyjV989sFv7/3x4jfbaY3l7a/2Y5A6XS9l/xddoxGx8S6CFWAkX5f6tH97ZIjJAACwp/Y5/kcj4lPZ+f94jGRnpwAAAMBB0vrCWPwjiWgBAAAAB1aazYFN0nI+F2As0rRc7szh/XgcT2v1RvMzi/XNtYXOXNmJKKWLy7XqVD5XeCJKSbs+nc+x7dav7KrPRMTJiPje+LGsXp6v1xaKvvgBAAAAh8SJXeP/v41n4/8jRecFAAAADNhE0QkAAAAA75zxPwAAABx8xv8AAABwoH3l9u320uo+/3rh/tbmSv3+5YVqY6W8ujlfnq9vrJeX6vWl7Df7Vvf6vFq9vv65WNt8WGlWG81KY2v73mp9c615b/m1R2ADAAAAQ3Ty7JPfJBGx8/lj2dL2QdFJAUOR7NGePSTkWV753RASAoZmpOgEgMKMFp0AUJhS0QkAhdvrOkDfyTu/HHwuAADAuzH5if73/10bgIMtLToBAGDo3P+Hw6v0+gzAq8VlAhTlI3u0v/39/1brf0oIAAAYuLFsSdJyfi9wLNK0XI74MHssQClZXK5Vp/Lxwa/HS0fa9ensncmec4YBAAAAAAAAAAAAAAAAAAAAAAAAgI5WK4kWAAAAcKBFpH9Isl/zj5gcvzC2+/rAB8nfx7N1RDz40d0fPJxrNjem29v/8nJ784f59itFXMEAAAAAduuO07vjeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYpBfPH813l2HG/dMXI2KiZ/yzR7PV0ShFxPG/JjH6yvuSiBgZQPydxxFxqlf8pJ1WTEQni17xjxUYP42IEwOID4fZk/b+52av718a57J17+/faL68rf77vzS6+7+RPvufD/cZ4/TTn1X6xn8ccXq09/6nGz/pE//8PuN//Wvb2/3aWj+OmOx5/Elei1Vprq5XGlvbl5dX55aqS9W1mZnpa7PXZ6/OTlUWl2vV/N+eMb77yZ//6039P94n/sQe/b+wz/7/8+nD5x/rFEu94l883/v4e6pP/DQ/9n06L7fbJ7vlnU75VWd++qszb+r/Qp/+v/z79zjQtmNe3Gf/L9351rN9vhQAGILG1vbKXK1W3fh/LKTxXqShMJDCkfcjDYVOoeg9EwAAMGj/OekvOhMAAAAAAAAAAAAAAAAAAAA4vIbxc2K7Y+4U01UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDf6dwAAAP//sf7Zeg==")
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000004bc0)=[{{&(0x7f0000000240)=@abs={0x1, 0x0, 0x4e20}, 0x6e, &(0x7f00000004c0)=[{&(0x7f0000000300)="8f28f2fb050400bbaa19b5afed8fdeff75db6bdcef72692a0fb153115e605cb0c2e3dc2ab3aac44d582d7459270c3c5afabc1e7ab3109f62a8672bb61177710c0372d6b149d8dc6f10070238c222cf8b41b8e352b5e504e16050d317e2b8df53984e2d5b8bbd15d44efa3b6edcba67c91941c973351bd0926ce8f70a08b8468422d256185bb118a045a89f6a732aac4d6fd9e2ce1fb68c435e4bd750a9265fc6442fece446f01d71aba9fe69ed98f970c6d76457c564daa9762108d4cd045e5229cc2f4bb037751caa3000e32aeb9d158601f0dec324c165450365c8a8cb0fc975d21b487c2d627a7c5a23", 0xeb}, {&(0x7f0000000840)="e9b9cddb03d5294184e15b33e0de13130c67ec18e86be0159ddebedf79d931365ee235330a2fbe1377d358675986a2b3aefed0befb7dbb0cbc46200e92f7fe9d447aa956d39f3ee5c7391ea24d1deb603d4c5f562beed6560b28e8261ec24c11b93c563ff5dc6c2d561239772f8c88b07562505f421cd8f9527d349520cc4dcfc0456bfd08d86b42ac1d109979bda2b698b1ddfe5d1b76abf79fb0169ce2bc9d852b05e14dac0c0cd0eac7b7c26b8689437a02b28f764f9f9896115f266150aa22255f50351ed7184208074c373f70935ef99dacd3d18ff54b7ba1766b16", 0xde}, {&(0x7f0000000640)="400d97002411ccb54e232bab906b720102d1460f9e2295e476fe45aa61ab54d04587b77ff4aecb02d0635884ca71363a1e936188e886e704efcd0eeca869c773a0a64117a541869a6e23a2c17508b5ed2cfa804994997228667994c80132d683cbd6c3c825336356313db316eb3c6c6f8e2dbb98d4885559d644c2eed48c408dab5e0ce32a3a3d44", 0x88}, {&(0x7f0000000440)}], 0x4, &(0x7f0000000500)=[@cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, r2, r4}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee01, r5}}}], 0x40, 0x24000000}}, {{0x0, 0x0, &(0x7f0000000a80)=[{&(0x7f0000000940)="1970768bb348b154fdd311f7fd2dbb1f419c9cb15b171a077ea143c34b5929c567a88235a298897644fede84c1cbe373eec9b540720d06e91276b055f8d343ee9290feddc66a0b99041f1a5bacb3d16895", 0x51}, {&(0x7f00000009c0)="0f2344e07aa7eec577e71062913080664dfa93bab410937593fd7b8ae1ad828bca33baabc4bf0cbeab132371c378c1ac", 0x30}, {&(0x7f0000000a00)="c60730d1cc9336c79585d6a3d62ade196fbd3a364e8811e50f53489b316d9e0a2a3249f372ca88988feab3bbd9a4018c7b994cb65e7f58e23676a44875b9b4c41a0faf8f94d4528d05bb880fcb1c38185f762ddcd85e8b68ff2ce38fb57e", 0x5e}], 0x3, &(0x7f0000000d40)=ANY=[@ANYBLOB="10000000000000000300000001000000476f734c5f140961067acd55732b6d"], 0x10, 0x10}}, {{&(0x7f0000000b00)=@file={0x1, './file1\x00'}, 0x6e, &(0x7f0000000c80)=[{&(0x7f0000000b80)="037c22855b6e06db8698aa043c72f65856158dc523a1d0c13732a7491268f1b989368893c05b3ad7016b9bf524bd4131fcca18cfdc411965080bfbf4aaf897e939cc2d311ac43333d9c6263183db50984dd72eba97310b364f5b5a345085d0b708", 0x61}, {&(0x7f0000000c00)="5e4e4c6e25615e71cc7baa74ff6fbda65d13b3a7294686eefe599d000322d34c7deea15c51252ece625890fee203cad62dec98a4b31e1280978129b0e07730b4ebc814ee5f1eb9f2e1611be4e158004a00d91161f59737e32f57f6d180db", 0x5e}], 0x2, &(0x7f0000000ec0)=[@cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0, r2, r5}}}, @cred={{0x1c, 0x1, 0x2, {0x0, r2, r3}}}], 0x60, 0x4040000}}, {{0x0, 0x0, &(0x7f00000010c0)=[{&(0x7f0000000fc0)="dbe90cf2b7c16bdda4aa64796ee2d8d924aa44d55c75b672a8d300b6714e580371fbcbd09b8824b5f4", 0x29}, {&(0x7f0000001080)="2e06e8", 0x3}], 0x2, &(0x7f0000001240)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r3}}}, @cred={{0x1c}}], 0x40, 0x4008804}}, {{&(0x7f0000001280)=@abs={0x1, 0x0, 0x4e24}, 0x6e, &(0x7f0000002440), 0x0, 0x0, 0x0, 0x800}}, {{&(0x7f00000024c0)=@file={0x0, './file1\x00'}, 0x6e, &(0x7f0000002840)=[{&(0x7f0000002540)="38afc0a802d23771eda64796e568bf05e71bdda01eea233a432ce8cb490d299f5280f074fcc0a2ac721fe8128079206a31984632e05c55a612bd46c5b24872f803517afc9eb2fc3919eefc147c93609e765ce99deadaab88ad8fe027df090f81a10483f830524c29788f185fceef0f150732d29ca4aa24cf4de212d02d6063be316e9f864f56b2736cba71ec9eee6f279e25c82a2076840eef8ef867d7bc731ac4c826ac250809e1d2bf595b283c83bd641ab49644bcb4a23b033c0d8192272e605dadebfeae", 0xc6}, {&(0x7f0000000cc0)="0ac6686b488318e14254d7bf3abb9d2ee3aa95a459f0e768ea8777a894ade8b5065f722ad5c82b7a8724e29a24662acca0a3b176dbcc1b29c61c4896f2ed52008189e4309b742a6e3db6a2df6cd63f7f8ad0850a82cffe7639e74475210249f97850fe0ac8201c8ac773bf97bd94f1546f0c5c8418b976aec269", 0x7a}, {0x0}, {&(0x7f0000002700)="389056d92390b63e2ea7bfc345b62a3f38381e043cb7e01f59de6a64b4f0fd89646168034e6b2f27", 0x28}, {&(0x7f0000002740)="5f71e0769c06800ab649d4b699d6100abd0452a25f6752bb07d35378b8525347f3577d340a0cbad38f043da9b40f2d26ddb1c9b1dc93c9d7761e750adae6920edc630af573867d3a80af2f1dcd6e7dad76168bf728e945f1de323d26fe1a65e4fd7b746bd94b19bedfd5b17b7526123b455f2ef80e04a26043e6b98a425d29", 0x7f}, {&(0x7f0000002800)="3ac5a64a7ddd9fc1d5a917b43d9d7388fe63e417510de75352ba529f8aaf5006227f984f64f1f8cf5c3df3478c76cd8b", 0x30}], 0x6}}], 0x6, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r7, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x70, 0x4)
bind$inet(r7, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r7, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendfile(r1, 0xffffffffffffffff, &(0x7f0000000040), 0x5)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000c80)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$sock_int(r7, 0x1, 0x8, &(0x7f0000000600)=0x1801, 0x4)
sendto$inet(r7, &(0x7f0000000700), 0x0, 0x40040, 0x0, 0x0)

0s ago: executing program 4 (id=9084):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='hrtimer_init\x00', r0}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)

kernel console output (not intermixed with test programs):

178 p179 p180 p181 p182 p183 p184 p185 p186 p187 p188 p189 p190 p191 p192 p193 p194 p195 p196 p197 p198 p199 p200 p201 p202 p203 p204 p205 p206 p207 p208 p209 p210 p211 p212 p213 p214 p215
[ 2519.367003][T30654] loop0: p3 start 4259840 is beyond EOD, truncated
[ 2520.538021][T30673] loop1: detected capacity change from 0 to 40427
[ 2520.606336][T30673] F2FS-fs (loop1): Mismatch start address, segment0(512) cp_blkaddr(175702528)
[ 2520.615183][T30673] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[ 2520.662904][T30673] F2FS-fs (loop1): invalid crc value
[ 2520.720288][T30673] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 2520.779543][T30690] 9pnet: Insufficient options for proto=fd
[ 2520.801172][T30684] device syzkaller0 entered promiscuous mode
[ 2520.970674][T30673] F2FS-fs (loop1): Cannot turn on quotas: -2 on 0
[ 2521.023662][T30673] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[ 2521.037269][T30673] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[ 2521.103883][   T30] audit: type=1326 audit(2521.071:10132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30695 comm="syz.2.8720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f964d843bd9 code=0x7ffc0000
[ 2521.156730][   T30] audit: type=1326 audit(2521.091:10133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30695 comm="syz.2.8720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f964d843bd9 code=0x7ffc0000
[ 2521.170843][T30699] loop0: detected capacity change from 0 to 512
[ 2521.210221][T30702] loop3: detected capacity change from 0 to 256
[ 2521.229271][   T30] audit: type=1326 audit(2521.091:10134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30695 comm="syz.2.8720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f964d843bd9 code=0x7ffc0000
[ 2521.266843][T30702] exfat: Deprecated parameter 'utf8'
[ 2521.273216][T30699] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[ 2521.284130][T30702] exfat: Deprecated parameter 'namecase'
[ 2521.296539][T30702] exfat: Deprecated parameter 'namecase'
[ 2521.310997][T30702] exfat: Deprecated parameter 'utf8'
[ 2521.316387][   T30] audit: type=1326 audit(2521.091:10135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30695 comm="syz.2.8720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f964d843bd9 code=0x7ffc0000
[ 2521.327311][T28600] attempt to access beyond end of device
[ 2521.327311][T28600] loop1: rw=2049, want=45104, limit=40427
[ 2521.339550][   T30] audit: type=1326 audit(2521.091:10136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30695 comm="syz.2.8720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f964d843bd9 code=0x7ffc0000
[ 2521.360467][T30702] exFAT-fs (loop3): failed to load upcase table (idx : 0x00012153, chksum : 0xc3dffc2e, utbl_chksum : 0xe619d30d)
[ 2521.373217][   T30] audit: type=1326 audit(2521.091:10137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30695 comm="syz.2.8720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f964d843bd9 code=0x7ffc0000
[ 2521.392474][T30699] EXT4-fs (loop0): 1 truncate cleaned up
[ 2521.417546][   T30] audit: type=1326 audit(2521.091:10138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30695 comm="syz.2.8720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f964d843bd9 code=0x7ffc0000
[ 2521.443721][T30699] EXT4-fs (loop0): mounted filesystem without journal. Opts: minixdf,nobarrier,debug_want_extra_isize=0x0000000000000068,nodelalloc,nombcache,max_batch_time=0x0000000000000007,,errors=continue. Quota mode: none.
[ 2521.450725][   T30] audit: type=1326 audit(2521.091:10139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30695 comm="syz.2.8720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f964d843bd9 code=0x7ffc0000
[ 2521.487064][   T30] audit: type=1326 audit(2521.091:10140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30695 comm="syz.2.8720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f964d843bd9 code=0x7ffc0000
[ 2521.524377][   T30] audit: type=1326 audit(2521.091:10141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30695 comm="syz.2.8720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f964d843bd9 code=0x7ffc0000
[ 2521.537842][T22648] udevd[22648]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[ 2521.578517][T22654] udevd[22654]: inotify_add_watch(7, /dev/loop0p6, 10) failed: No such file or directory
[ 2521.579349][T22646] udevd[22646]: inotify_add_watch(7, /dev/loop0p5, 10) failed: No such file or directory
[ 2521.591899][T22647] udevd[22647]: inotify_add_watch(7, /dev/loop0p7, 10) failed: No such file or directory
[ 2521.600083][T22278] udevd[22278]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[ 2521.610572][T22651] udevd[22651]: inotify_add_watch(7, /dev/loop0p12, 10) failed: No such file or directory
[ 2521.620200][T22652] udevd[22652]: inotify_add_watch(7, /dev/loop0p8, 10) failed: No such file or directory
[ 2521.630549][T22655] udevd[22655]: inotify_add_watch(7, /dev/loop0p13, 10) failed: No such file or directory
[ 2521.649329][T22649] udevd[22649]: inotify_add_watch(7, /dev/loop0p11, 10) failed: No such file or directory
[ 2521.661830][T22227] udevd[22227]: inotify_add_watch(7, /dev/loop0p10, 10) failed: No such file or directory
[ 2521.838685][T30714] FAULT_INJECTION: forcing a failure.
[ 2521.838685][T30714] name failslab, interval 1, probability 0, space 0, times 0
[ 2521.861404][T30715] syz.2.8726[30715] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2521.861566][T30715] syz.2.8726[30715] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2521.871295][T30714] CPU: 1 PID: 30714 Comm: syz.3.8724 Not tainted 5.15.150-syzkaller-00330-g9044d25b8ff5 #0
[ 2521.893826][T30714] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2521.903721][T30714] Call Trace:
[ 2521.906845][T30714]  <TASK>
[ 2521.909612][T30714]  dump_stack_lvl+0x151/0x1b7
[ 2521.914135][T30714]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2521.919601][T30714]  ? proc_fail_nth_read+0x210/0x210
[ 2521.924633][T30714]  ? fsnotify_perm+0x6a/0x5d0
[ 2521.929161][T30714]  dump_stack+0x15/0x17
[ 2521.933172][T30714]  should_fail+0x3c6/0x510
[ 2521.937415][T30714]  __should_failslab+0xa4/0xe0
[ 2521.941997][T30714]  ? getname_flags+0xba/0x520
[ 2521.946507][T30714]  should_failslab+0x9/0x20
[ 2521.950845][T30714]  slab_pre_alloc_hook+0x37/0xd0
[ 2521.955628][T30714]  ? getname_flags+0xba/0x520
[ 2521.960149][T30714]  kmem_cache_alloc+0x44/0x200
[ 2521.964736][T30714]  ? __kasan_check_write+0x14/0x20
[ 2521.969690][T30714]  getname_flags+0xba/0x520
[ 2521.974028][T30714]  user_path_at_empty+0x2d/0x1a0
[ 2521.978803][T30714]  __se_sys_mount+0x285/0x3b0
[ 2521.983310][T30714]  ? fput+0x1a/0x20
[ 2521.986955][T30714]  ? ksys_write+0x260/0x2c0
[ 2521.991308][T30714]  ? __x64_sys_mount+0xd0/0xd0
[ 2521.995900][T30714]  ? debug_smp_processor_id+0x17/0x20
[ 2522.001192][T30714]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 2522.007131][T30714]  __x64_sys_mount+0xbf/0xd0
[ 2522.011535][T30714]  do_syscall_64+0x3d/0xb0
[ 2522.015775][T30714]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2522.021498][T30714] RIP: 0033:0x7f50db71dbd9
[ 2522.025753][T30714] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2522.045194][T30714] RSP: 002b:00007f50da99f048 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2522.053476][T30714] RAX: ffffffffffffffda RBX: 00007f50db8abf60 RCX: 00007f50db71dbd9
[ 2522.061253][T30714] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000000
[ 2522.069068][T30714] RBP: 00007f50da99f0a0 R08: 0000000000000000 R09: 0000000000000000
[ 2522.076879][T30714] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2522.084702][T30714] R13: 000000000000000b R14: 00007f50db8abf60 R15: 00007fffe838a8f8
[ 2522.092521][T30714]  </TASK>
[ 2522.593992][T30720] tipc: Started in network mode
[ 2522.625602][T30720] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[ 2522.683472][T30720] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[ 2522.738633][T30720] tipc: Enabled bearer <udp:syz1>, priority 10
[ 2522.789819][T30726] loop1: detected capacity change from 0 to 256
[ 2522.806435][T19220] usb 4-1: new high-speed USB device number 52 using dummy_hcd
[ 2522.848171][T30726] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 2522.901693][T30726] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2523.176810][T19220] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2523.784497][T30715] loop2: detected capacity change from 0 to 2048
[ 2523.856432][T22466] tipc: Node number set to 1
[ 2523.881727][T30715]  loop2: p1 p3 p4 < p5 p6 p7 p8 p9 p10 p11 p12 p13 p14 p15 p16 p17 p18 p19 p20 p21 p22 p23 p24 p25 p26 p27 p28 p29 p30 p31 p32 p33 p34 p35 p36 p37 p38 p39 p40 p41 p42 p43 p44 p45 p46 p47 p48 p49 p50 p51 p52 p53 p54 p55 p56 p57 p58 p59 p60 p61 p62 p63 p64 p65 p66 p67 p68 p69 p70 p71 p72 p73 p74 p75 p76 p77 p78 p79 p80 p81 p82 p83 p84 p85 p86 p87 p88 p89 p90 p91 p92 p93 p94 p95 p96 p97 p98 p99 p100 p101 p102 p103 p104 p105 p106 p107 p108 p109 p110 p111 p112 p113 p114 p115 p116 p117 p118 p119 p120 p121 p122 p123 p124 p125 p126 p127 p128 p129 p130 p131 p132 p133 p134 p135 p136 p137 p138 p139 p140 p141 p142 p143 p144 p145 p146 p147 p148 p149 p150 p151 p152 p153 p154 p155 p156 p157 p158 p159 p160 p161 p162 p163 p164 p165 p166 p167 p168 p169 p170 p171 p172 p173 p174 p175 p176 p177 p178 p179 p180 p181 p182 p183 p184 p185 p186 p187 p188 p189 p190 p191 p192 p193 p194 p195 p196 p197 p198 p199 p200 p201 p202 p203 p204 p205 p206 p207 p208 p209 p210 p211 p212 p213 p214 p215
[ 2523.886972][T30715] loop2: p3 start 4259840 is beyond EOD, 
[ 2524.112638][T19220] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2524.128135][T19220] usb 4-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[ 2524.137328][T19220] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2524.147168][T19220] usb 4-1: config 0 descriptor??
[ 2524.152185][T30715] truncated
[ 2524.606316][T22466] usb 2-1: new high-speed USB device number 78 using dummy_hcd
[ 2524.646967][T19220] hid (null): unknown global tag 0xc
[ 2524.652140][T19220] hid (null): unknown global tag 0xe
[ 2524.671487][T19220] lg-g15 0003:046D:C222.0213: unknown global tag 0xc
[ 2524.687198][T19220] lg-g15 0003:046D:C222.0213: item 0 2 1 12 parsing failed
[ 2524.694756][T19220] lg-g15: probe of 0003:046D:C222.0213 failed with error -22
[ 2524.876415][T30723] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8729'.
[ 2524.943829][T30740] sch_tbf: peakrate 3 is lower than or equals to rate 5628977692805006585 !
[ 2525.016442][T22466] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2525.048782][T22466] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2525.066550][T22466] usb 2-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[ 2525.085635][T22466] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2525.105686][T22466] usb 2-1: config 0 descriptor??
[ 2525.827830][T30748] loop2: detected capacity change from 0 to 256
[ 2525.847348][T30748] exfat: Deprecated parameter 'utf8'
[ 2525.866638][T30748] exfat: Deprecated parameter 'namecase'
[ 2525.873366][T30748] exfat: Deprecated parameter 'namecase'
[ 2525.879270][T30748] exfat: Deprecated parameter 'utf8'
[ 2525.955125][T30748] exFAT-fs (loop2): failed to load upcase table (idx : 0x00012153, chksum : 0xc3dffc2e, utbl_chksum : 0xe619d30d)
[ 2526.018012][T22466] hid-led: probe of 0003:27B8:01ED.0214 failed with error -71
[ 2526.054325][T22466] usb 2-1: USB disconnect, device number 78
[ 2526.085235][T12560] usb 4-1: USB disconnect, device number 52
[ 2526.204660][T30759] loop2: detected capacity change from 0 to 512
[ 2526.443724][T30764] loop3: detected capacity change from 0 to 16
[ 2526.512087][T30764] erofs: (device loop3): mounted with root inode @ nid 36.
[ 2526.600294][T30759] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[ 2526.758947][T22653] udevd[22653]: inotify_add_watch(7, /dev/loop2p103, 10) failed: No such file or directory
[ 2526.769609][T22227] udevd[22227]: inotify_add_watch(7, /dev/loop2p99, 10) failed: No such file or directory
[ 2526.769815][T22651] udevd[22651]: inotify_add_watch(7, /dev/loop2p101, 10) failed: No such file or directory
[ 2526.790605][T22654] udevd[22654]: inotify_add_watch(7, /dev/loop2p95, 10) failed: No such file or directory
[ 2526.807290][T22650] udevd[22650]: inotify_add_watch(7, /dev/loop2p98, 10) failed: No such file or directory
[ 2526.822548][T22655] udevd[22655]: inotify_add_watch(7, /dev/loop2p102, 10) failed: No such file or directory
[ 2526.836695][T22652] udevd[22652]: inotify_add_watch(7, /dev/loop2p97, 10) failed: No such file or directory
[ 2526.847208][T22647] udevd[22647]: inotify_add_watch(7, /dev/loop2p96, 10) failed: No such file or directory
[ 2526.865579][T22648] udevd[22648]: inotify_add_watch(7, /dev/loop2p104, 10) failed: No such file or directory
[ 2526.865671][T22649] udevd[22649]: inotify_add_watch(7, /dev/loop2p100, 10) failed: No such file or directory
[ 2527.090971][T30759] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.8739: bg 0: block 64: padding at end of block bitmap is not set
[ 2527.163620][T30759] __quota_error: 151 callbacks suppressed
[ 2527.163654][T30759] Quota error (device loop2): write_blk: dquota write failed
[ 2527.165892][T25432] usb 5-1: new high-speed USB device number 76 using dummy_hcd
[ 2527.188494][T30759] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[ 2527.206656][T30759] EXT4-fs (loop2): 1 truncate cleaned up
[ 2527.222350][T30759] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 2527.241622][T30769] loop1: detected capacity change from 0 to 256
[ 2527.265229][   T30] audit: type=1400 audit(2527.231:10293): avc:  denied  { setattr } for  pid=30758 comm="syz.2.8739" name="file0" dev="loop2" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 2527.317641][T30769] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 2527.339807][T30769] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2527.571518][T25432] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2528.398655][T25432] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2528.408716][T25432] usb 5-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[ 2528.436306][T25432] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2528.482158][T25432] usb 5-1: config 0 descriptor??
[ 2528.749435][T30781] FAULT_INJECTION: forcing a failure.
[ 2528.749435][T30781] name failslab, interval 1, probability 0, space 0, times 0
[ 2528.796733][T23008] usb 2-1: new high-speed USB device number 79 using dummy_hcd
[ 2528.818580][T30781] CPU: 0 PID: 30781 Comm: syz.2.8739 Not tainted 5.15.150-syzkaller-00330-g9044d25b8ff5 #0
[ 2528.828484][T30781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2528.838374][T30781] Call Trace:
[ 2528.841500][T30781]  <TASK>
[ 2528.844289][T30781]  dump_stack_lvl+0x151/0x1b7
[ 2528.848798][T30781]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2528.854280][T30781]  ? __kasan_check_write+0x14/0x20
[ 2528.859328][T30781]  ? mutex_unlock+0xb2/0x260
[ 2528.863749][T30781]  dump_stack+0x15/0x17
[ 2528.867738][T30781]  should_fail+0x3c6/0x510
[ 2528.871999][T30781]  __should_failslab+0xa4/0xe0
[ 2528.876596][T30781]  ? getname_flags+0xba/0x520
[ 2528.881110][T30781]  should_failslab+0x9/0x20
[ 2528.885447][T30781]  slab_pre_alloc_hook+0x37/0xd0
[ 2528.890227][T30781]  ? getname_flags+0xba/0x520
[ 2528.894740][T30781]  kmem_cache_alloc+0x44/0x200
[ 2528.899343][T30781]  getname_flags+0xba/0x520
[ 2528.903682][T30781]  __x64_sys_mkdirat+0x7c/0xa0
[ 2528.908280][T30781]  do_syscall_64+0x3d/0xb0
[ 2528.912529][T30781]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2528.918264][T30781] RIP: 0033:0x7f964d843bd9
[ 2528.922509][T30781] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2528.941954][T30781] RSP: 002b:00007f964ca83048 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 2528.950196][T30781] RAX: ffffffffffffffda RBX: 00007f964d9d2110 RCX: 00007f964d843bd9
[ 2528.958011][T30781] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: ffffffffffffff9c
[ 2528.965821][T30781] RBP: 00007f964ca830a0 R08: 0000000000000000 R09: 0000000000000000
[ 2528.973643][T30781] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2528.981449][T30781] R13: 000000000000006e R14: 00007f964d9d2110 R15: 00007fff63efeb08
[ 2528.989285][T30781]  </TASK>
[ 2529.007122][T25432] hid (null): unknown global tag 0xc
[ 2529.012292][T25432] hid (null): unknown global tag 0xe
[ 2529.058948][T25432] lg-g15 0003:046D:C222.0215: unknown global tag 0xc
[ 2529.065532][T25432] lg-g15 0003:046D:C222.0215: item 0 2 1 12 parsing failed
[ 2529.126178][T25432] lg-g15: probe of 0003:046D:C222.0215 failed with error -22
[ 2529.136388][T23008] usb 2-1: Using ep0 maxpacket: 8
[ 2529.236319][T30761] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8740'.
[ 2529.256463][T23008] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[ 2529.275720][T23008] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2529.317098][T23008] usb 2-1: config 0 descriptor??
[ 2530.026868][T23008] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -61
[ 2530.041573][T23008] asix: probe of 2-1:0.0 failed with error -61
[ 2530.323678][T22466] usb 5-1: USB disconnect, device number 76
[ 2530.364947][T30798] loop4: detected capacity change from 0 to 256
[ 2530.407211][T30798] exfat: Deprecated parameter 'utf8'
[ 2530.412513][T30798] exfat: Deprecated parameter 'namecase'
[ 2530.419078][T30798] exfat: Deprecated parameter 'namecase'
[ 2530.424670][T30798] exfat: Deprecated parameter 'utf8'
[ 2530.435933][T30798] exFAT-fs (loop4): failed to load upcase table (idx : 0x00012153, chksum : 0xc3dffc2e, utbl_chksum : 0xe619d30d)
[ 2530.563767][T30800] loop4: detected capacity change from 0 to 512
[ 2530.654483][T30800] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[ 2530.672391][T30800] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.8750: bg 0: block 64: padding at end of block bitmap is not set
[ 2530.688420][T30800] Quota error (device loop4): write_blk: dquota write failed
[ 2530.695788][T30800] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[ 2530.706523][T30800] EXT4-fs (loop4): 1 truncate cleaned up
[ 2530.712033][T30800] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 2530.726336][   T30] audit: type=1400 audit(2530.681:10294): avc:  denied  { write } for  pid=81 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 2530.767168][   T30] audit: type=1400 audit(2530.681:10295): avc:  denied  { remove_name } for  pid=81 comm="syslogd" name="messages" dev="tmpfs" ino=28 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 2530.949599][   T30] audit: type=1400 audit(2530.681:10296): avc:  denied  { rename } for  pid=81 comm="syslogd" name="messages" dev="tmpfs" ino=28 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 2530.971344][   T30] audit: type=1400 audit(2530.681:10297): avc:  denied  { add_name } for  pid=81 comm="syslogd" name="messages.0" dev="tmpfs" ino=27 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 2530.993624][   T30] audit: type=1400 audit(2530.681:10298): avc:  denied  { unlink } for  pid=81 comm="syslogd" name="messages.0" dev="tmpfs" ino=27 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 2531.069922][T30807] 9pnet: Insufficient options for proto=fd
[ 2531.078919][T30807] FAULT_INJECTION: forcing a failure.
[ 2531.078919][T30807] name failslab, interval 1, probability 0, space 0, times 0
[ 2531.091448][T30807] CPU: 1 PID: 30807 Comm: syz.4.8750 Not tainted 5.15.150-syzkaller-00330-g9044d25b8ff5 #0
[ 2531.101308][T30807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2531.111215][T30807] Call Trace:
[ 2531.114328][T30807]  <TASK>
[ 2531.117122][T30807]  dump_stack_lvl+0x151/0x1b7
[ 2531.121631][T30807]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2531.127096][T30807]  ? __kasan_check_write+0x14/0x20
[ 2531.132037][T30807]  ? mutex_unlock+0xb2/0x260
[ 2531.136472][T30807]  dump_stack+0x15/0x17
[ 2531.140460][T30807]  should_fail+0x3c6/0x510
[ 2531.144719][T30807]  __should_failslab+0xa4/0xe0
[ 2531.149312][T30807]  ? getname_flags+0xba/0x520
[ 2531.153821][T30807]  should_failslab+0x9/0x20
[ 2531.158165][T30807]  slab_pre_alloc_hook+0x37/0xd0
[ 2531.162940][T30807]  ? getname_flags+0xba/0x520
[ 2531.167454][T30807]  kmem_cache_alloc+0x44/0x200
[ 2531.172057][T30807]  getname_flags+0xba/0x520
[ 2531.176418][T30807]  __x64_sys_mkdirat+0x7c/0xa0
[ 2531.180999][T30807]  do_syscall_64+0x3d/0xb0
[ 2531.185253][T30807]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2531.190972][T30807] RIP: 0033:0x7f4415a46bd9
[ 2531.195224][T30807] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2531.214674][T30807] RSP: 002b:00007f4414c86048 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 2531.222916][T30807] RAX: ffffffffffffffda RBX: 00007f4415bd5110 RCX: 00007f4415a46bd9
[ 2531.230725][T30807] RDX: 0000000000000000 RSI: 0000000020000100 RDI: ffffffffffffff9c
[ 2531.238552][T30807] RBP: 00007f4414c860a0 R08: 0000000000000000 R09: 0000000000000000
[ 2531.246353][T30807] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2531.254169][T30807] R13: 000000000000006e R14: 00007f4415bd5110 R15: 00007ffffe465448
[ 2531.261997][T30807]  </TASK>
[ 2531.470857][T12560] usb 2-1: USB disconnect, device number 79
[ 2531.934550][T30820] loop4: detected capacity change from 0 to 256
[ 2531.942703][T30818] loop2: detected capacity change from 0 to 16
[ 2531.972154][T30815] overlayfs: failed to resolve './file0': -2
[ 2531.989804][T30818] erofs: (device loop2): mounted with root inode @ nid 36.
[ 2532.000901][T30820] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 2532.061896][T30820] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2533.883473][T30846] overlayfs: failed to resolve './file0': -2
[ 2534.076432][T30851] loop2: detected capacity change from 0 to 512
[ 2534.147439][T30849] futex_wake_op: syz.1.8756 tries to shift op by -1; fix this program
[ 2534.177511][T30851] EXT4-fs (loop2): orphan cleanup on readonly fs
[ 2534.198553][T30851] EXT4-fs (loop2): 1 orphan inode deleted
[ 2534.212612][T30851] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 2534.277943][T30839] loop4: detected capacity change from 0 to 40427
[ 2534.366068][T30839] F2FS-fs (loop4): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[ 2534.376122][T30839] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 2534.387495][T30839] F2FS-fs (loop4): Unrecognized mount option "0x00000000000000080x0000000000000000" or missing value
[ 2534.399977][T30858] FAULT_INJECTION: forcing a failure.
[ 2534.399977][T30858] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2534.413058][T30858] CPU: 0 PID: 30858 Comm: syz.2.8765 Not tainted 5.15.150-syzkaller-00330-g9044d25b8ff5 #0
[ 2534.422968][T30858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2534.432863][T30858] Call Trace:
[ 2534.435985][T30858]  <TASK>
[ 2534.438760][T30858]  dump_stack_lvl+0x151/0x1b7
[ 2534.443278][T30858]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2534.448757][T30858]  dump_stack+0x15/0x17
[ 2534.452736][T30858]  should_fail+0x3c6/0x510
[ 2534.457184][T30858]  should_fail_usercopy+0x1a/0x20
[ 2534.462034][T30858]  strncpy_from_user+0x24/0x2d0
[ 2534.466740][T30858]  ? kmem_cache_alloc+0xf5/0x200
[ 2534.471502][T30858]  getname_flags+0xf2/0x520
[ 2534.475848][T30858]  user_path_at_empty+0x2d/0x1a0
[ 2534.480616][T30858]  path_removexattr+0xb3/0x320
[ 2534.485239][T30858]  ? __check_object_size+0x73/0x3d0
[ 2534.490249][T30858]  ? listxattr+0x300/0x300
[ 2534.494501][T30858]  ? copy_user_enhanced_fast_string+0x29/0x40
[ 2534.500406][T30858]  ? memset+0x35/0x40
[ 2534.504219][T30858]  ? bpf_probe_read_user+0x67/0x70
[ 2534.509191][T30858]  ? bpf_trace_run2+0xf1/0x210
[ 2534.513769][T30858]  ? fput+0x1a/0x20
[ 2534.517421][T30858]  ? bpf_trace_run1+0x1c0/0x1c0
[ 2534.522129][T30858]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2534.527244][T30858]  __x64_sys_lremovexattr+0x5d/0x70
[ 2534.532350][T30858]  do_syscall_64+0x3d/0xb0
[ 2534.536603][T30858]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2534.542326][T30858] RIP: 0033:0x7f964d843bd9
[ 2534.546582][T30858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2534.566024][T30858] RSP: 002b:00007f964caa4048 EFLAGS: 00000246 ORIG_RAX: 00000000000000c6
[ 2534.574275][T30858] RAX: ffffffffffffffda RBX: 00007f964d9d2038 RCX: 00007f964d843bd9
[ 2534.582181][T30858] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000580
[ 2534.590006][T30858] RBP: 00007f964caa40a0 R08: 0000000000000000 R09: 0000000000000000
[ 2534.597806][T30858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2534.605614][T30858] R13: 000000000000006e R14: 00007f964d9d2038 R15: 00007fff63efeb08
[ 2534.613454][T30858]  </TASK>
[ 2534.788004][   T30] kauditd_printk_skb: 5 callbacks suppressed
[ 2534.788039][   T30] audit: type=1400 audit(2534.761:10302): avc:  denied  { read write } for  pid=30862 comm="syz.1.8767" name="uinput" dev="devtmpfs" ino=166 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[ 2534.820601][T30863] input: syz1 as /devices/virtual/input/input18
[ 2534.827322][   T30] audit: type=1400 audit(2534.761:10303): avc:  denied  { open } for  pid=30862 comm="syz.1.8767" path="/dev/uinput" dev="devtmpfs" ino=166 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[ 2534.857226][   T30] audit: type=1400 audit(2534.791:10304): avc:  denied  { ioctl } for  pid=30862 comm="syz.1.8767" path="/dev/uinput" dev="devtmpfs" ino=166 ioctlcmd=0x5501 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[ 2534.883851][   T30] audit: type=1400 audit(2534.821:10305): avc:  denied  { read } for  pid=84 comm="acpid" name="event3" dev="devtmpfs" ino=19264 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 2534.906736][   T30] audit: type=1400 audit(2534.821:10306): avc:  denied  { open } for  pid=84 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=19264 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 2534.931309][   T30] audit: type=1400 audit(2534.821:10307): avc:  denied  { ioctl } for  pid=84 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=19264 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 2535.024103][T30866] loop3: detected capacity change from 0 to 256
[ 2535.029285][T30867] device veth0_vlan left promiscuous mode
[ 2535.037585][T30867] device veth0_vlan entered promiscuous mode
[ 2535.045900][T25432] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2535.055311][T25432] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2535.063046][T25432] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2535.102522][T30866] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 2535.115449][T30866] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2537.480087][T30878] loop2: detected capacity change from 0 to 256
[ 2537.557601][T30878] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 2537.570438][T30878] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2540.896346][T27599] usb 2-1: new high-speed USB device number 80 using dummy_hcd
[ 2540.947752][T30902] futex_wake_op: syz.2.8776 tries to shift op by -1; fix this program
[ 2541.183056][T30903] loop3: detected capacity change from 0 to 256
[ 2541.256496][T27599] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2541.267878][T27599] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2541.278376][T27599] usb 2-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[ 2541.288775][T30903] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 2541.300977][T27599] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2541.310679][T30903] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2541.330731][T27599] usb 2-1: config 0 descriptor??
[ 2541.807151][T27599] hid (null): unknown global tag 0xc
[ 2541.812473][T27599] hid (null): unknown global tag 0xe
[ 2541.838490][T27599] lg-g15 0003:046D:C222.0216: unknown global tag 0xc
[ 2541.874113][T27599] lg-g15 0003:046D:C222.0216: item 0 2 1 12 parsing failed
[ 2541.887278][T27599] lg-g15: probe of 0003:046D:C222.0216 failed with error -22
[ 2542.010467][T30899] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8779'.
[ 2542.088705][T30917] loop2: detected capacity change from 0 to 512
[ 2542.128549][T30917] EXT4-fs (loop2): orphan cleanup on readonly fs
[ 2542.143997][T30917] EXT4-fs (loop2): 1 orphan inode deleted
[ 2542.170424][T30917] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 2542.181503][T12560] usb 5-1: new high-speed USB device number 77 using dummy_hcd
[ 2542.426160][T30909] loop0: detected capacity change from 0 to 40427
[ 2542.515501][T30909] F2FS-fs (loop0): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[ 2542.526648][T30909] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 2542.535853][T30909] F2FS-fs (loop0): Unrecognized mount option "0x00000000000000080x0000000000000000" or missing value
[ 2542.586499][T12560] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2542.597562][T12560] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2542.606425][T27599] usb 3-1: new high-speed USB device number 76 using dummy_hcd
[ 2542.626399][T12560] usb 5-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[ 2542.646502][T12560] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2542.668041][T12560] usb 5-1: config 0 descriptor??
[ 2542.692719][T30922] device veth0_vlan left promiscuous mode
[ 2542.707837][T30922] device veth0_vlan entered promiscuous mode
[ 2542.716140][T25432] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2542.728147][T25432] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2542.750685][T25432] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2542.976499][T27599] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2542.987628][T27599] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2542.997986][T27599] usb 3-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[ 2543.007314][T27599] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2543.017320][T27599] usb 3-1: config 0 descriptor??
[ 2543.049018][T30926] loop3: detected capacity change from 0 to 256
[ 2543.095721][T30924] loop0: detected capacity change from 0 to 512
[ 2543.116817][T30926] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 2543.129760][T30926] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2543.281939][T12560] hid (null): unknown global tag 0xc
[ 2543.287130][T30924] EXT4-fs (loop0): 1 orphan inode deleted
[ 2543.287400][T12560] hid (null): unknown global tag 0xe
[ 2543.293021][T30924] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback.
[ 2543.303230][T12560] lg-g15 0003:046D:C222.0217: unknown global tag 0xc
[ 2543.331031][T12560] lg-g15 0003:046D:C222.0217: item 0 2 1 12 parsing failed
[ 2543.339464][T12560] lg-g15: probe of 0003:046D:C222.0217 failed with error -22
[ 2543.759170][T30920] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8785'.
[ 2544.028711][T30912] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8782'.
[ 2544.046758][T19581] usb 2-1: USB disconnect, device number 80
[ 2544.158172][T30912] sch_tbf: peakrate 3 is lower than or equals to rate 5628977692805006585 !
[ 2544.208184][   T30] audit: type=1400 audit(2544.181:10308): avc:  denied  { read } for  pid=30936 comm="syz.1.8788" path="socket:[133084]" dev="sockfs" ino=133084 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[ 2544.259371][T27599] hid (null): unknown global tag 0xe
[ 2544.267170][T27599] lg-g15 0003:046D:C222.0218: unknown global tag 0xe
[ 2544.273721][T27599] lg-g15 0003:046D:C222.0218: item 0 0 1 14 parsing failed
[ 2544.281854][T27599] lg-g15: probe of 0003:046D:C222.0218 failed with error -22
[ 2544.901459][T30961] loop1: detected capacity change from 0 to 16
[ 2544.953897][T30961] erofs: (device loop1): mounted with root inode @ nid 36.
[ 2545.724212][T12560] usb 5-1: USB disconnect, device number 77
[ 2545.753773][T19581] usb 3-1: USB disconnect, device number 76
[ 2545.820446][T30965] loop4: detected capacity change from 0 to 256
[ 2545.847105][T30965] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 2545.899183][T30970] loop1: detected capacity change from 0 to 256
[ 2545.906776][T30965] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2545.929347][T30970] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 2545.967309][T30970] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2547.090374][T30972] loop3: detected capacity change from 0 to 512
[ 2547.251110][T30972] EXT4-fs (loop3): 1 orphan inode deleted
[ 2547.260398][T30972] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback.
[ 2547.271709][T30980] loop2: detected capacity change from 0 to 512
[ 2547.349746][T30980] EXT4-fs (loop2): 1 orphan inode deleted
[ 2547.355479][T30980] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback.
[ 2547.439246][T30967] loop0: detected capacity change from 0 to 40427
[ 2547.446592][T19517] usb 2-1: new high-speed USB device number 81 using dummy_hcd
[ 2547.522725][T30967] F2FS-fs (loop0): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[ 2547.530823][T30967] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 2547.540199][T30967] F2FS-fs (loop0): Unrecognized mount option "0x00000000000000080x0000000000000000" or missing value
[ 2547.633567][T31000] device veth0_vlan left promiscuous mode
[ 2547.639923][T31000] device veth0_vlan entered promiscuous mode
[ 2547.660160][  T299] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2547.675844][  T299] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2547.691752][  T299] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2547.816532][T19517] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2547.831147][T19517] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 2547.857695][T19517] usb 2-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[ 2547.867337][T19517] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2547.877092][T19517] usb 2-1: config 0 descriptor??
[ 2548.026346][  T299] usb 4-1: new high-speed USB device number 53 using dummy_hcd
[ 2548.136347][T27599] usb 3-1: new high-speed USB device number 77 using dummy_hcd
[ 2548.386497][  T299] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2548.397486][  T299] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2548.407121][  T299] usb 4-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[ 2548.415998][  T299] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2548.425991][  T299] usb 4-1: config 0 descriptor??
[ 2548.436764][T19220] usb 5-1: new high-speed USB device number 78 using dummy_hcd
[ 2548.475045][T31014] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8804'.
[ 2548.516601][T27599] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2548.527527][T27599] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2548.537361][T27599] usb 3-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[ 2548.546325][T27599] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2548.561620][T27599] usb 3-1: config 0 descriptor??
[ 2548.696354][T19220] usb 5-1: Using ep0 maxpacket: 16
[ 2548.846506][T19220] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[ 2548.857788][T19220] usb 5-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 2548.868289][T19220] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2548.886890][T19220] usb 5-1: config 0 descriptor??
[ 2548.907031][  T299] hid (null): unknown global tag 0xc
[ 2548.912231][  T299] hid (null): unknown global tag 0xe
[ 2548.922397][  T299] lg-g15 0003:046D:C222.0219: unknown global tag 0xc
[ 2548.929802][  T299] lg-g15 0003:046D:C222.0219: item 0 2 1 12 parsing failed
[ 2548.935970][T31016] loop0: detected capacity change from 0 to 40427
[ 2548.938005][  T299] lg-g15: probe of 0003:046D:C222.0219 failed with error -22
[ 2548.989704][T31016] F2FS-fs (loop0): invalid crc value
[ 2549.005679][T31016] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 2549.037117][T27599] hid (null): unknown global tag 0xe
[ 2549.044822][T27599] lg-g15 0003:046D:C222.021A: unknown global tag 0xe
[ 2549.051421][T27599] lg-g15 0003:046D:C222.021A: item 0 0 1 14 parsing failed
[ 2549.059807][T27599] lg-g15: probe of 0003:046D:C222.021A failed with error -22
[ 2549.103802][T31016] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 2549.136984][T31004] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8808'.
[ 2549.160446][T31004] sch_tbf: peakrate 3 is lower than or equals to rate 5628977692805006585 !
[ 2549.181630][T26659] attempt to access beyond end of device
[ 2549.181630][T26659] loop0: rw=2049, want=45104, limit=40427
[ 2549.240954][T31009] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8809'.
[ 2549.358912][T31013] UDC core: couldn't find an available UDC or it's busy: -16
[ 2549.366850][T31013] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 2549.391588][T19220] hid (null): unknown global tag 0x83
[ 2549.397225][T19220] hid (null): unknown global tag 0xc
[ 2549.402405][T19220] hid (null): global environment stack underflow
[ 2549.411302][T19220] hid-generic 0003:0158:0100.021B: unknown main item tag 0x1
[ 2549.418958][T19220] hid-generic 0003:0158:0100.021B: unexpected long global item
[ 2549.427032][T19220] hid-generic: probe of 0003:0158:0100.021B failed with error -22
[ 2549.446118][T31022] loop0: detected capacity change from 0 to 256
[ 2549.526826][T31022] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 2549.540100][T31022] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2550.106115][T27599] usb 5-1: USB disconnect, device number 78
[ 2550.143526][T31027] loop4: detected capacity change from 0 to 256
[ 2550.168149][  T299] usb 2-1: USB disconnect, device number 81
[ 2550.219112][T31027] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 2550.245043][T31027] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2551.121832][T31042] usb 4-1: USB disconnect, device number 53
[ 2551.176465][T22031] usb 3-1: USB disconnect, device number 77
[ 2552.060791][T31039] loop1: detected capacity change from 0 to 40427
[ 2552.127329][T31045] loop3: detected capacity change from 0 to 40427
[ 2552.148709][T31039] F2FS-fs (loop1): Mismatch start address, segment0(512) cp_blkaddr(175702528)
[ 2552.166821][T31039] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[ 2552.181172][T31039] F2FS-fs (loop1): invalid crc value
[ 2552.196514][T31045] F2FS-fs (loop3): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[ 2552.204029][T31045] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[ 2552.221836][T31045] F2FS-fs (loop3): Unrecognized mount option "0x00000000000000080x0000000000000000" or missing value
[ 2552.235498][T31039] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 2552.437154][T31066] device veth0_vlan left promiscuous mode
[ 2552.443684][T31066] device veth0_vlan entered promiscuous mode
[ 2552.443725][T31039] F2FS-fs (loop1): Cannot turn on quotas: -2 on 0
[ 2552.449751][T31042] usb 3-1: new high-speed USB device number 78 using dummy_hcd
[ 2552.485579][T21506] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2552.505167][T31039] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[ 2552.507747][T21506] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2552.515595][T31039] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[ 2552.551175][T31053] loop0: detected capacity change from 0 to 40427
[ 2552.556485][T21506] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2552.617683][T31053] F2FS-fs (loop0): invalid crc value
[ 2552.638455][T31053] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 2552.699147][   T30] audit: type=1326 audit(2552.671:10309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31078 comm="syz.3.8828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50db71dbd9 code=0x7ffc0000
[ 2552.739073][   T30] audit: type=1326 audit(2552.691:10310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31080 comm="syz.4.8829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4415a46bd9 code=0x7ffc0000
[ 2552.790115][   T30] audit: type=1326 audit(2552.701:10311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31080 comm="syz.4.8829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4415a46bd9 code=0x7ffc0000
[ 2552.813604][   T30] audit: type=1326 audit(2552.701:10312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31078 comm="syz.3.8828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50db71dbd9 code=0x7ffc0000
[ 2552.826473][T31042] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2552.836655][   T30] audit: type=1326 audit(2552.711:10313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31080 comm="syz.4.8829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4415a46bd9 code=0x7ffc0000
[ 2552.869263][   T30] audit: type=1326 audit(2552.711:10314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31080 comm="syz.4.8829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4415a46bd9 code=0x7ffc0000
[ 2552.871465][T31042] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 2552.892614][   T30] audit: type=1326 audit(2552.711:10315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31080 comm="syz.4.8829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4415a46bd9 code=0x7ffc0000
[ 2552.901486][T31053] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 2552.938555][   T30] audit: type=1326 audit(2552.731:10316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31078 comm="syz.3.8828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f50db71dbd9 code=0x7ffc0000
[ 2552.942680][T31042] usb 3-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[ 2552.971650][T31042] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2552.974027][   T30] audit: type=1326 audit(2552.731:10317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31078 comm="syz.3.8828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50db71dbd9 code=0x7ffc0000
[ 2552.991454][T31042] usb 3-1: config 0 descriptor??
[ 2553.004719][   T30] audit: type=1326 audit(2552.731:10318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31078 comm="syz.3.8828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50db71dbd9 code=0x7ffc0000
[ 2553.083252][T28600] attempt to access beyond end of device
[ 2553.083252][T28600] loop1: rw=2049, want=45104, limit=40427
[ 2553.139036][T31089] loop4: detected capacity change from 0 to 256
[ 2553.167536][T26659] attempt to access beyond end of device
[ 2553.167536][T26659] loop0: rw=2049, want=45104, limit=40427
[ 2553.230168][T31089] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 2553.258549][T31089] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2554.123335][T31096] loop0: detected capacity change from 0 to 256
[ 2554.152679][T31090] loop3: detected capacity change from 0 to 512
[ 2554.182730][T31096] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 2554.232281][T31096] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2554.306933][T31093] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8825'.
[ 2554.387377][T31090] EXT4-fs (loop3): 1 orphan inode deleted
[ 2554.393128][T31090] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback.
[ 2554.696311][T25432] usb 5-1: new high-speed USB device number 79 using dummy_hcd
[ 2554.776315][T19220] usb 2-1: new high-speed USB device number 82 using dummy_hcd
[ 2555.106511][T25432] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2555.118439][T25432] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2555.129008][T25432] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 2555.142070][T25432] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 2555.151281][T25432] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2555.159523][  T300] usb 4-1: new high-speed USB device number 54 using dummy_hcd
[ 2555.167227][T19220] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2555.179105][T19220] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2555.195340][T25432] usb 5-1: config 0 descriptor??
[ 2555.200482][T19220] usb 2-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[ 2555.209851][T19220] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2555.226903][T19220] usb 2-1: config 0 descriptor??
[ 2555.355672][T22233] usb 3-1: USB disconnect, device number 78
[ 2555.586550][  T300] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2555.598033][  T300] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2555.608582][  T300] usb 4-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[ 2555.618058][  T300] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2555.634571][T31116] loop2: detected capacity change from 0 to 40427
[ 2555.642092][  T300] usb 4-1: config 0 descriptor??
[ 2555.678457][T25432] plantronics 0003:047F:FFFF.021C: unknown main item tag 0x0
[ 2555.685791][T25432] plantronics 0003:047F:FFFF.021C: unknown main item tag 0x0
[ 2555.687660][T31116] F2FS-fs (loop2): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[ 2555.701553][T31116] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[ 2555.710250][T31116] F2FS-fs (loop2): Unrecognized mount option "0x00000000000000080x0000000000000000" or missing value
[ 2555.727530][T25432] plantronics 0003:047F:FFFF.021C: No inputs registered, leaving
[ 2555.751446][T25432] plantronics 0003:047F:FFFF.021C: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[ 2555.764578][T19220] hid (null): unknown global tag 0xc
[ 2555.770206][T19220] hid (null): unknown global tag 0xe
[ 2555.780488][T19220] lg-g15 0003:046D:C222.021D: unknown global tag 0xc
[ 2555.787416][T19220] lg-g15 0003:046D:C222.021D: item 0 2 1 12 parsing failed
[ 2555.794968][T19220] lg-g15: probe of 0003:046D:C222.021D failed with error -22
[ 2555.910177][T31118] device veth0_vlan left promiscuous mode
[ 2555.920384][T31118] device veth0_vlan entered promiscuous mode
[ 2555.929745][T22031] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2555.941455][T22031] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2555.968037][T22031] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2555.979140][T22031] usb 5-1: USB disconnect, device number 79
[ 2555.984306][T31103] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8831'.
[ 2556.008994][T31103] sch_tbf: peakrate 3 is lower than or equals to rate 5628977692805006585 !
[ 2556.137013][  T300] hid (null): unknown global tag 0xc
[ 2556.142256][  T300] hid (null): unknown global tag 0xe
[ 2556.154413][  T300] lg-g15 0003:046D:C222.021E: unknown global tag 0xc
[ 2556.162229][  T300] lg-g15 0003:046D:C222.021E: item 0 2 1 12 parsing failed
[ 2556.170174][  T300] lg-g15: probe of 0003:046D:C222.021E failed with error -22
[ 2556.221891][T31123] netlink: 104 bytes leftover after parsing attributes in process `syz.0.8840'.
[ 2556.365548][T31107] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8835'.
[ 2556.554327][T31131] loop4: detected capacity change from 0 to 256
[ 2556.627954][T31131] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 2556.651737][T31131] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2556.864162][T31129] loop2: detected capacity change from 0 to 40427
[ 2556.887732][T31125] loop0: detected capacity change from 0 to 40427
[ 2556.949345][T31125] F2FS-fs (loop0): Mismatch start address, segment0(512) cp_blkaddr(175702528)
[ 2557.020006][T31125] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 2557.128541][T31129] F2FS-fs (loop2): invalid crc value
[ 2557.480801][T31125] F2FS-fs (loop0): invalid crc value
[ 2557.486090][T31129] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 2557.531843][T31125] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 2557.552964][ T1235] usb 2-1: USB disconnect, device number 82
[ 2557.656644][T31141] loop1: detected capacity change from 0 to 512
[ 2557.708271][T31141] EXT4-fs (loop1): Test dummy encryption mode enabled
[ 2557.751366][T31141] EXT4-fs error (device loop1): ext4_find_inline_data_nolock:164: inode #12: comm syz.1.8845: inline data xattr refers to an external xattr inode
[ 2557.787223][T31141] EXT4-fs error (device loop1): ext4_orphan_get:1402: comm syz.1.8845: couldn't read orphan inode 12 (err -117)
[ 2557.809902][T31141] EXT4-fs (loop1): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000200000,user_xattr,grpjquota=,resuid=0x0000000000000000,prjquota,usrjquota=,usrjquota=,min_batch_time=0x000000000000409e,test_dummy_encryption,,errors=continue. Quota mode: writeback.
[ 2557.823065][T31125] F2FS-fs (loop0): Cannot turn on quotas: -2 on 0
[ 2557.852554][T31129] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 2557.862872][T31125] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 2557.876220][T31125] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[ 2557.880010][T31145] loop4: detected capacity change from 0 to 256
[ 2557.956869][  T299] usb 4-1: USB disconnect, device number 54
[ 2557.961262][T31145] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 2558.005891][   T30] kauditd_printk_skb: 150 callbacks suppressed
[ 2558.005926][   T30] audit: type=1400 audit(2557.971:10469): avc:  denied  { execute } for  pid=31140 comm="syz.1.8845" path="/143/file0/net_prio.prioidx" dev="loop1" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[ 2558.039360][T25297] attempt to access beyond end of device
[ 2558.039360][T25297] loop2: rw=2049, want=45104, limit=40427
[ 2558.051634][T31145] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2558.065642][   T30] audit: type=1400 audit(2557.991:10470): avc:  denied  { getopt } for  pid=31140 comm="syz.1.8845" lport=7 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 2558.169830][T26659] attempt to access beyond end of device
[ 2558.169830][T26659] loop0: rw=2049, want=45104, limit=40427
[ 2558.375454][   T30] audit: type=1400 audit(2558.341:10471): avc:  denied  { write } for  pid=31156 comm="syz.1.8851" name="001" dev="devtmpfs" ino=152 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[ 2558.376501][  T299] usb 4-1: new high-speed USB device number 55 using dummy_hcd
[ 2558.406580][T31157] usb usb5: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 2558.617983][   T30] audit: type=1326 audit(2558.591:10472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31167 comm="syz.1.8853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec0c23bbd9 code=0x7ffc0000
[ 2558.663147][   T30] audit: type=1326 audit(2558.591:10473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31167 comm="syz.1.8853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec0c23bbd9 code=0x7ffc0000
[ 2558.725542][   T30] audit: type=1326 audit(2558.611:10474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31167 comm="syz.1.8853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fec0c23bbd9 code=0x7ffc0000
[ 2558.784699][   T30] audit: type=1326 audit(2558.611:10475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31167 comm="syz.1.8853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec0c23bbd9 code=0x7ffc0000
[ 2558.796518][  T299] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2558.819305][   T30] audit: type=1326 audit(2558.611:10476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31167 comm="syz.1.8853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec0c23bbd9 code=0x7ffc0000
[ 2558.842926][   T30] audit: type=1326 audit(2558.611:10477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31167 comm="syz.1.8853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fec0c23bbd9 code=0x7ffc0000
[ 2558.856371][  T299] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 2558.866444][   T30] audit: type=1326 audit(2558.611:10478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31167 comm="syz.1.8853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec0c23bbd9 code=0x7ffc0000
[ 2558.905106][  T299] usb 4-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[ 2558.928179][  T299] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2558.957298][  T299] usb 4-1: config 0 descriptor??
[ 2559.061668][T31174] loop1: detected capacity change from 0 to 256
[ 2559.130453][T31174] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2559.162571][T31174] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe622a5da, utbl_chksum : 0xe619d30d)
[ 2559.254598][T31166] loop2: detected capacity change from 0 to 40427
[ 2559.322719][T31166] F2FS-fs (loop2): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[ 2559.358523][T31166] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[ 2559.369463][T31166] F2FS-fs (loop2): Unrecognized mount option "0x00000000000000080x0000000000000000" or missing value
[ 2559.517681][T31179] loop4: detected capacity change from 0 to 256
[ 2559.626966][T31179] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 2559.632419][T31181] futex_wake_op: syz.1.8855 tries to shift op by -1; fix this program
[ 2559.669512][T31179] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2559.688597][T31180] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8847'.
[ 2559.743379][T31183] loop0: detected capacity change from 0 to 256
[ 2559.798859][T31184] device veth0_vlan left promiscuous mode
[ 2559.805289][T31184] device veth0_vlan entered promiscuous mode
[ 2559.814858][T19220] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2559.826456][T31183] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2559.851205][T19220] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2559.865492][T31183] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe622a5da, utbl_chksum : 0xe619d30d)
[ 2559.879059][T19220] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2560.794949][T31193] loop4: detected capacity change from 0 to 512
[ 2560.920227][T31200] usb usb5: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 2560.951170][T31193] EXT4-fs (loop4): orphan cleanup on readonly fs
[ 2560.977393][T31193] EXT4-fs (loop4): 1 orphan inode deleted
[ 2561.032865][T25432] usb 4-1: USB disconnect, device number 55
[ 2561.054564][T31193] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 2561.099308][T31187] loop0: detected capacity change from 0 to 40427
[ 2561.127656][T31187] F2FS-fs (loop0): invalid crc value
[ 2561.158500][T31187] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 2561.240020][T31211] loop3: detected capacity change from 0 to 256
[ 2561.280905][T31211] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 2561.309342][T31211] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2561.333468][T31187] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 2561.437824][T31191] loop2: detected capacity change from 0 to 40427
[ 2561.473576][T31191] F2FS-fs (loop2): Mismatch start address, segment0(512) cp_blkaddr(175702528)
[ 2561.494700][T31191] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[ 2561.505445][T31191] F2FS-fs (loop2): invalid crc value
[ 2561.523965][T31191] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 2561.533842][T26659] attempt to access beyond end of device
[ 2561.533842][T26659] loop0: rw=2049, want=45104, limit=40427
[ 2561.637283][T31191] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0
[ 2561.648169][T31191] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[ 2561.655610][T31191] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[ 2561.906943][T25297] attempt to access beyond end of device
[ 2561.906943][T25297] loop2: rw=2049, want=45104, limit=40427
[ 2562.060813][T31229] loop1: detected capacity change from 0 to 256
[ 2562.174181][T31229] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 2562.200489][T31229] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2563.084826][T31227] loop0: detected capacity change from 0 to 512
[ 2563.216642][T31227] EXT4-fs (loop0): 1 orphan inode deleted
[ 2563.222332][T31227] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback.
[ 2563.432368][T31246] futex_wake_op: syz.4.8871 tries to shift op by -1; fix this program
[ 2563.716462][T21506] usb 2-1: new high-speed USB device number 83 using dummy_hcd
[ 2563.727576][T31237] loop2: detected capacity change from 0 to 40427
[ 2563.766494][T22466] usb 4-1: new high-speed USB device number 56 using dummy_hcd
[ 2563.774022][T31237] F2FS-fs (loop2): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[ 2563.782389][   T30] kauditd_printk_skb: 132 callbacks suppressed
[ 2563.782444][   T30] audit: type=1326 audit(2563.761:10611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31254 comm="syz.0.8876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbb9781bd9 code=0x7ffc0000
[ 2563.793229][T31237] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[ 2563.837815][   T30] audit: type=1326 audit(2563.791:10612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31254 comm="syz.0.8876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcbb9781bd9 code=0x7ffc0000
[ 2563.861223][T31237] F2FS-fs (loop2): Unrecognized mount option "0x00000000000000080x0000000000000000" or missing value
[ 2563.897604][   T30] audit: type=1326 audit(2563.791:10613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31254 comm="syz.0.8876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbb9781bd9 code=0x7ffc0000
[ 2563.946407][   T30] audit: type=1326 audit(2563.791:10614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31254 comm="syz.0.8876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcbb9781bd9 code=0x7ffc0000
[ 2564.000456][   T30] audit: type=1326 audit(2563.791:10615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31254 comm="syz.0.8876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbb9781bd9 code=0x7ffc0000
[ 2564.023852][   T30] audit: type=1326 audit(2563.791:10616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31254 comm="syz.0.8876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcbb9781bd9 code=0x7ffc0000
[ 2564.066810][   T30] audit: type=1326 audit(2563.791:10617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31254 comm="syz.0.8876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbb9781bd9 code=0x7ffc0000
[ 2564.086448][T21506] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2564.101265][T21506] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 2564.126449][   T30] audit: type=1326 audit(2563.791:10618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31254 comm="syz.0.8876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcbb9781bd9 code=0x7ffc0000
[ 2564.136921][T21506] usb 2-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[ 2564.166452][T22466] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2564.174555][   T30] audit: type=1326 audit(2563.791:10619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31254 comm="syz.0.8876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbb9781bd9 code=0x7ffc0000
[ 2564.200149][T22466] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2564.216459][T22466] usb 4-1: New USB device found, idVendor=046d, idProduct=c086, bcdDevice= 0.00
[ 2564.226937][   T30] audit: type=1326 audit(2563.791:10620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31254 comm="syz.0.8876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcbb9781bd9 code=0x7ffc0000
[ 2564.236395][T21506] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2564.257857][T22466] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2564.258919][T31258] futex_wake_op: syz.4.8877 tries to shift op by -1; fix this program
[ 2564.284840][T22466] usb 4-1: config 0 descriptor??
[ 2564.304875][T21506] usb 2-1: config 0 descriptor??
[ 2564.478445][T31257] loop0: detected capacity change from 0 to 40427
[ 2564.497721][T31257] F2FS-fs (loop0): invalid crc value
[ 2564.516426][T31257] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 2564.528075][T31259] device veth0_vlan left promiscuous mode
[ 2564.534173][T31259] device veth0_vlan entered promiscuous mode
[ 2564.541807][T31250] loop3: detected capacity change from 0 to 256
[ 2564.543190][T19220] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2564.558633][T19220] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2564.574445][T19220] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2564.612988][T31250] Invalid ELF header len 1
[ 2564.653013][T31257] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 2564.781378][T26659] attempt to access beyond end of device
[ 2564.781378][T26659] loop0: rw=2049, want=45104, limit=40427
[ 2564.889941][T22466] logitech-hidpp-device 0003:046D:C086.021F: hidraw0: USB HID v0.00 Device [HID 046d:c086] on usb-dummy_hcd.3-1/input0
[ 2565.076632][T31269] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8874'.
[ 2565.163160][  T300] usb 4-1: USB disconnect, device number 56
[ 2565.207390][T31265] loop2: detected capacity change from 0 to 40427
[ 2565.290810][T31265] F2FS-fs (loop2): Mismatch start address, segment0(512) cp_blkaddr(175702528)
[ 2565.299943][T31265] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[ 2565.315905][T31265] F2FS-fs (loop2): invalid crc value
[ 2565.325023][T31265] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 2565.407918][T31265] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0
[ 2565.415760][T31265] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[ 2565.422996][T31265] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[ 2565.601375][T25297] attempt to access beyond end of device
[ 2565.601375][T25297] loop2: rw=2049, want=45104, limit=40427
[ 2565.739103][T31286] loop4: detected capacity change from 0 to 256
[ 2565.811618][T31286] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 2565.836240][T31286] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2566.087981][T31290] loop0: detected capacity change from 0 to 512
[ 2566.103670][T31292] loop2: detected capacity change from 0 to 256
[ 2566.157309][T31292] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 2566.186819][T31290] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 2566.204143][T31292] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2566.212726][T31290] EXT4-fs (loop0): 1 orphan inode deleted
[ 2566.229975][T31290] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 2566.250813][T31288] loop3: detected capacity change from 0 to 512
[ 2566.420469][T31288] EXT4-fs (loop3): 1 orphan inode deleted
[ 2566.426213][T31288] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback.
[ 2566.463460][T22466] usb 2-1: USB disconnect, device number 83
[ 2568.687385][T31314] futex_wake_op: syz.1.8888 tries to shift op by -1; fix this program
[ 2569.145408][T31306] loop0: detected capacity change from 0 to 40427
[ 2569.189560][T31306] F2FS-fs (loop0): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[ 2569.197327][T31306] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 2569.216466][T31306] F2FS-fs (loop0): Unrecognized mount option "0x00000000000000080x0000000000000000" or missing value
[ 2569.257890][T31313] loop3: detected capacity change from 0 to 40427
[ 2569.327389][T31313] F2FS-fs (loop3): invalid crc value
[ 2569.348989][T31313] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 2569.504932][T31313] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 2569.594664][T31316] loop2: detected capacity change from 0 to 40427
[ 2569.650232][T27516] attempt to access beyond end of device
[ 2569.650232][T27516] loop3: rw=2049, want=45104, limit=40427
[ 2569.665981][T31332] device veth0_vlan left promiscuous mode
[ 2569.672190][T31316] F2FS-fs (loop2): Mismatch start address, segment0(512) cp_blkaddr(175702528)
[ 2569.681818][T31332] device veth0_vlan entered promiscuous mode
[ 2569.682978][T31316] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[ 2569.691781][ T1235] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2569.708348][ T1235] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2569.717309][ T1235] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2569.724925][T31316] F2FS-fs (loop2): invalid crc value
[ 2569.741525][T31316] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 2569.844472][T31316] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0
[ 2569.878582][T31316] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[ 2569.905766][T31340] loop0: detected capacity change from 0 to 512
[ 2569.911982][T31316] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[ 2569.984883][T31340] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 2570.007846][T31340] EXT4-fs (loop0): 1 orphan inode deleted
[ 2570.047777][T31340] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 2570.063136][T31346] loop1: detected capacity change from 0 to 256
[ 2570.127228][T31346] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 2570.166418][T31346] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2570.219807][T25297] attempt to access beyond end of device
[ 2570.219807][T25297] loop2: rw=2049, want=45104, limit=40427
[ 2570.583024][T31352] loop3: detected capacity change from 0 to 16
[ 2570.833787][T31352] erofs: (device loop3): mounted with root inode @ nid 36.
[ 2572.260417][T31369] futex_wake_op: syz.3.8903 tries to shift op by -1; fix this program
[ 2572.539759][T31351] loop4: detected capacity change from 0 to 40427
[ 2572.642872][T31351] F2FS-fs (loop4): invalid crc value
[ 2572.698402][T31351] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 2572.803660][T31378] loop0: detected capacity change from 0 to 16
[ 2572.852637][T31378] erofs: (device loop0): mounted with root inode @ nid 36.
[ 2573.472609][T31371] loop2: detected capacity change from 0 to 512
[ 2573.649330][T31368] loop1: detected capacity change from 0 to 40427
[ 2573.658956][T31371] EXT4-fs (loop2): 1 orphan inode deleted
[ 2573.664544][T31371] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback.
[ 2573.693849][T31368] F2FS-fs (loop1): invalid crc value
[ 2573.751643][T31368] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 2573.946460][T31368] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 2573.976979][   T30] kauditd_printk_skb: 54 callbacks suppressed
[ 2573.977012][   T30] audit: type=1400 audit(2573.941:10675): avc:  denied  { mount } for  pid=31394 comm="syz.4.8912" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[ 2574.094552][T28600] attempt to access beyond end of device
[ 2574.094552][T28600] loop1: rw=2049, want=45104, limit=40427
[ 2574.230970][T31387] loop3: detected capacity change from 0 to 40427
[ 2574.347001][T31387] F2FS-fs (loop3): Mismatch start address, segment0(512) cp_blkaddr(175702528)
[ 2574.373041][T31387] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[ 2574.395671][T31387] F2FS-fs (loop3): invalid crc value
[ 2574.421092][T31387] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 2574.427539][T22202] usb 5-1: new high-speed USB device number 80 using dummy_hcd
[ 2574.518362][T31406] loop0: detected capacity change from 0 to 256
[ 2574.599664][T31407] loop2: detected capacity change from 0 to 16
[ 2574.664525][T31407] erofs: (device loop2): mounted with root inode @ nid 36.
[ 2574.726672][T31406] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 2574.776670][T21506] usb 2-1: new high-speed USB device number 84 using dummy_hcd
[ 2574.816936][T22202] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2574.900727][T22202] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2574.957427][T31406] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2574.987199][T31387] F2FS-fs (loop3): Cannot turn on quotas: -2 on 0
[ 2575.030745][T22202] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 2575.254921][T22202] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2575.264746][T22202] usb 5-1: config 0 descriptor??
[ 2575.292773][T31387] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[ 2575.299956][T31387] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[ 2575.509132][T27516] attempt to access beyond end of device
[ 2575.509132][T27516] loop3: rw=2049, want=45104, limit=40427
[ 2575.586452][T21506] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2575.597422][T21506] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2575.607964][T21506] usb 2-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[ 2575.617386][T21506] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2575.627629][T21506] usb 2-1: config 0 descriptor??
[ 2575.963711][T31426] syz.0.8920[31426] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2575.963881][T31426] syz.0.8920[31426] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2575.991116][T31426] loop0: detected capacity change from 0 to 512
[ 2576.099757][T31426] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 2576.108766][T31426] EXT4-fs (loop0): 1 orphan inode deleted
[ 2576.115108][T31426] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 2576.127487][T21506] hid (null): unknown global tag 0xc
[ 2576.132648][T21506] hid (null): unknown global tag 0xe
[ 2576.141277][T21506] lg-g15 0003:046D:C222.0221: unknown global tag 0xc
[ 2576.147889][T21506] lg-g15 0003:046D:C222.0221: item 0 2 1 12 parsing failed
[ 2576.155264][T21506] lg-g15: probe of 0003:046D:C222.0221 failed with error -22
[ 2576.256331][  T300] usb 4-1: new high-speed USB device number 57 using dummy_hcd
[ 2576.328884][T31404] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8913'.
[ 2576.516658][T22202] uclogic 0003:256C:006D.0220: interface is invalid, ignoring
[ 2576.549818][T31435] loop0: detected capacity change from 0 to 40427
[ 2576.596776][T31435] F2FS-fs (loop0): invalid crc value
[ 2576.618422][T31435] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 2576.646515][  T300] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2576.667389][  T300] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2576.677821][  T300] usb 4-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[ 2576.687005][  T300] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2576.705964][  T300] usb 4-1: config 0 descriptor??
[ 2576.730175][T31435] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 2576.806418][   T30] audit: type=1400 audit(2576.771:10676): avc:  denied  { setattr } for  pid=31434 comm="syz.0.8923" name="file0" dev="loop0" ino=455 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[ 2576.817259][T31437] loop2: detected capacity change from 0 to 512
[ 2576.835956][T26659] attempt to access beyond end of device
[ 2576.835956][T26659] loop0: rw=2049, want=45104, limit=40427
[ 2576.915826][T31437] EXT4-fs (loop2): 1 orphan inode deleted
[ 2576.929771][T31437] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback.
[ 2577.167116][  T300] hid (null): unknown global tag 0xe
[ 2577.182122][  T300] lg-g15 0003:046D:C222.0222: unknown main item tag 0x1
[ 2577.195781][  T300] lg-g15 0003:046D:C222.0222: unknown global tag 0xe
[ 2577.208084][  T300] lg-g15 0003:046D:C222.0222: item 0 0 1 14 parsing failed
[ 2577.217777][T31448] syz.4.8912[31448] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2577.217825][  T300] lg-g15: probe of 0003:046D:C222.0222 failed with error -22
[ 2577.217956][T31448] syz.4.8912[31448] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2577.355031][T31451] overlayfs: failed to resolve './file0': -2
[ 2577.386776][  T300] usb 4-1: USB disconnect, device number 57
[ 2577.490121][T25432] usb 2-1: USB disconnect, device number 84
[ 2577.713296][   T30] audit: type=1400 audit(2577.681:10677): avc:  denied  { bind } for  pid=31455 comm="syz.2.8927" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 2577.867228][T31465] loop2: detected capacity change from 0 to 512
[ 2577.938013][T31465] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[ 2577.985652][T31465] EXT4-fs (loop2): 1 truncate cleaned up
[ 2578.002504][T31465] EXT4-fs (loop2): mounted filesystem without journal. Opts: minixdf,nobarrier,debug_want_extra_isize=0x0000000000000068,nodelalloc,nombcache,max_batch_time=0x0000000000000007,,errors=continue. Quota mode: none.
[ 2578.354025][T31454] loop1: detected capacity change from 0 to 40427
[ 2578.419744][T31454] F2FS-fs (loop1): Mismatch start address, segment0(512) cp_blkaddr(175702528)
[ 2578.463099][T31454] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[ 2578.496439][T31454] F2FS-fs (loop1): invalid crc value
[ 2578.519927][T31454] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 2578.616933][T31454] F2FS-fs (loop1): Cannot turn on quotas: -2 on 0
[ 2578.624560][T31454] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[ 2578.631735][T31454] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[ 2578.669815][ T5187] usb 5-1: USB disconnect, device number 80
[ 2578.678842][   T30] audit: type=1400 audit(2578.651:10678): avc:  denied  { unmount } for  pid=30059 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[ 2578.832657][T28600] attempt to access beyond end of device
[ 2578.832657][T28600] loop1: rw=2049, want=45104, limit=40427
[ 2578.905261][T31495] loop2: detected capacity change from 0 to 256
[ 2579.008129][T31495] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 2579.037686][T31495] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2579.962156][T31504] loop1: detected capacity change from 0 to 512
[ 2579.971735][T31505] loop3: detected capacity change from 0 to 256
[ 2580.103993][T31493] loop4: detected capacity change from 0 to 40427
[ 2580.107855][T31505] exfat: Deprecated parameter 'utf8'
[ 2580.115812][T31504] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[ 2580.117841][T31505] exfat: Deprecated parameter 'namecase'
[ 2580.131186][T31505] exfat: Deprecated parameter 'namecase'
[ 2580.136836][T31505] exfat: Deprecated parameter 'utf8'
[ 2580.145981][T31504] EXT4-fs (loop1): 1 truncate cleaned up
[ 2580.151714][T31504] EXT4-fs (loop1): mounted filesystem without journal. Opts: minixdf,nobarrier,debug_want_extra_isize=0x0000000000000068,nodelalloc,nombcache,max_batch_time=0x0000000000000007,,errors=continue. Quota mode: none.
[ 2580.171160][T31505] exFAT-fs (loop3): failed to load upcase table (idx : 0x00012153, chksum : 0xc3dffc2e, utbl_chksum : 0xe619d30d)
[ 2580.186399][T31493] F2FS-fs (loop4): Magic Mismatch, valid(0xf2f52010) - read(0xfff52010)
[ 2580.196398][T31493] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 2580.247299][T31493] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 2580.347073][T31493] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[ 2580.354005][T31493] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 2580.457928][T31519] syz.3.8943[31519] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2580.458085][T31519] syz.3.8943[31519] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2580.717247][T31521] loop3: detected capacity change from 0 to 2048
[ 2580.771157][T31521]  loop3: p1 p3 p4 < p5 p6 p7 p8 p9 p10 p11 p12 p13 p14 p15 p16 p17 p18 p19 p20 p21 p22 p23 p24 p25 p26 p27 p28 p29 p30 p31 p32 p33 p34 p35 p36 p37 p38 p39 p40 p41 p42 p43 p44 p45 p46 p47 p48 p49 p50 p51 p52 p53 p54 p55 p56 p57 p58 p59 p60 p61 p62 p63 p64 p65 p66 p67 p68 p69 p70 p71 p72 p73 p74 p75 p76 p77 p78 p79 p80 p81 p82 p83 p84 p85 p86 p87 p88 p89 p90 p91 p92 p93 p94 p95 p96 p97 p98 p99 p100 p101 p102 p103 p104 p105 p106 p107 p108 p109 p110 p111 p112 p113 p114 p115 p116 p117 p118 p119 p120 p121 p122 p123 p124 p125 p126 p127 p128 p129 p130 p131 p132 p133 p134 p135 p136 p137 p138 p139 p140 p141 p142 p143 p144 p145 p146 p147 p148 p149 p150 p151 p152 p153 p154 p155 p156 p157 p158 p159 p160 p161 p162 p163 p164 p165 p166 p167 p168 p169 p170 p171 p172 p173 p174 p175 p176 p177 p178 p179 p180 p181 p182 p183 p184 p185 p186 p187 p188 p189 p190 p191 p192 p193 p194 p195 p196 p197 p198 p199 p200 p201 p202 p203 p204 p205 p206 p207 p208 p209 p210 p211 p212 p213 p214 p215
[ 2580.772548][T31521] loop3: p3 start 4259840 is beyond EOD, truncated
[ 2581.042422][T31529] syz.1.8946[31529] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2581.042611][T31529] syz.1.8946[31529] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2581.081002][T31529] loop1: detected capacity change from 0 to 512
[ 2581.306170][T31531] loop1: detected capacity change from 0 to 512
[ 2581.457929][T31531] loop1: detected capacity change from 0 to 2048
[ 2581.509212][T31532] overlayfs: failed to resolve './file0': -2
[ 2581.588893][T31531] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 2582.094097][T31534] loop3: detected capacity change from 0 to 256
[ 2582.218486][T31534] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 2582.220416][T22648] udevd[22648]: inotify_add_watch(7, /dev/loop3p16, 10) failed: No such file or directory
[ 2582.242194][T22278] udevd[22278]: inotify_add_watch(7, /dev/loop3p17, 10) failed: No such file or directory
[ 2582.254373][T22654] udevd[22654]: inotify_add_watch(7, /dev/loop3p19, 10) failed: No such file or directory
[ 2582.268987][T22652] udevd[22652]: inotify_add_watch(7, /dev/loop3p21, 10) failed: No such file or directory
[ 2582.281066][T22650] udevd[22650]: inotify_add_watch(7, /dev/loop3p22, 10) failed: No such file or directory
[ 2582.295343][T22227] udevd[22227]: inotify_add_watch(7, /dev/loop3p23, 10) failed: No such file or directory
[ 2582.307230][T22649] udevd[22649]: inotify_add_watch(7, /dev/loop3p24, 10) failed: No such file or directory
[ 2582.308695][T22653] udevd[22653]: inotify_add_watch(7, /dev/loop3p27, 10) failed: No such file or directory
[ 2582.317891][T22647] udevd[22647]: inotify_add_watch(7, /dev/loop3p20, 10) failed: No such file or directory
[ 2582.330264][T22646] udevd[22646]: inotify_add_watch(7, /dev/loop3p18, 10) failed: No such file or directory
[ 2582.357158][T31534] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2583.194819][T31555] loop1: detected capacity change from 0 to 256
[ 2583.278511][T31555] exfat: Deprecated parameter 'utf8'
[ 2583.283841][T31555] exfat: Deprecated parameter 'namecase'
[ 2583.289512][T31555] exfat: Deprecated parameter 'namecase'
[ 2583.295016][T31555] exfat: Deprecated parameter 'utf8'
[ 2583.337855][T31555] exFAT-fs (loop1): failed to load upcase table (idx : 0x00012153, chksum : 0xc3dffc2e, utbl_chksum : 0xe619d30d)
[ 2583.438642][T31565] loop4: detected capacity change from 0 to 256
[ 2583.493044][T31565] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 2583.560608][T31565] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2583.638865][T31567] syz.1.8958[31567] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2583.639023][T31567] syz.1.8958[31567] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2584.287680][T31568] loop1: detected capacity change from 0 to 2048
[ 2584.362523][T31568]  loop1: p1 p3 p4 < p5 p6 p7 p8 p9 p10 p11 p12 p13 p14 p15 p16 p17 p18 p19 p20 p21 p22 p23 p24 p25 p26 p27 p28 p29 p30 p31 p32 p33 p34 p35 p36 p37 p38 p39 p40 p41 p42 p43 p44 p45 p46 p47 p48 p49 p50 p51 p52 p53 p54 p55 p56 p57 p58 p59 p60 p61 p62 p63 p64 p65 p66 p67 p68 p69 p70 p71 p72 p73 p74 p75 p76 p77 p78 p79 p80 p81 p82 p83 p84 p85 p86 p87 p88 p89 p90 p91 p92 p93 p94 p95 p96 p97 p98 p99 p100 p101 p102 p103 p104 p105 p106 p107 p108 p109 p110 p111 p112 p113 p114 p115 p116 p117 p118 p119 p120 p121 p122 p123 p124 p125 p126 p127 p128 p129 p130 p131 p132 p133 p134 p135 p136 p137 p138 p139 p140 p141 p142 p143 p144 p145 p146 p147 p148 p149 p150 p151 p152 p153 p154 p155 p156 p157 p158 p159 p160 p161 p162 p163 p164 p165 p166 p167 p168 p169 p170 p171 p172 p173 p174 p175 p176 p177 p178 p179 p180 p181 p182 p183 p184 p185 p186 p187 p188 p189 p190 p191 p192 p193 p194 p195 p196 p197 p198 p199 p200 p201 p202 p203 p204 p205 p206 p207 p208 p209 p210 p211 p212 p213 p214 p215
[ 2584.376931][T31568] loop1: p3 start 4259840 is beyond EOD, truncated
[ 2584.930740][T31562] loop2: detected capacity change from 0 to 40427
[ 2585.016354][T19220] usb 5-1: new high-speed USB device number 81 using dummy_hcd
[ 2585.031156][T31562] F2FS-fs (loop2): invalid crc value
[ 2585.058626][T31562] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 2585.171612][T31563] loop3: detected capacity change from 0 to 40427
[ 2585.211893][T31562] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 2585.220194][T31563] F2FS-fs (loop3): Magic Mismatch, valid(0xf2f52010) - read(0xfff52010)
[ 2585.232756][T31563] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[ 2585.278815][T31563] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 2585.310615][T25297] attempt to access beyond end of device
[ 2585.310615][T25297] loop2: rw=2049, want=45104, limit=40427
[ 2585.372470][   T99]  loop1: p1 p3 p4 < p5 p6 p7 p8 p9 p10 p11 p12 p13 p14 p15 p16 p17 p18 p19 p20 p21 p22 p23 p24 p25 p26 p27 p28 p29 p30 p31 p32 p33 p34 p35 p36 p37 p38 p39 p40 p41 p42 p43 p44 p45 p46 p47 p48 p49 p50 p51 p52 p53 p54 p55 p56 p57 p58 p59 p60 p61 p62 p63 p64 p65 p66 p67 p68 p69 p70 p71 p72 p73 p74 p75 p76 p77 p78 p79 p80 p81 p82 p83 p84 p85 p86 p87 p88 p89 p90 p91 p92 p93 p94 p95 p96 p97 p98 p99 p100 p101 p102 p103 p104 p105 p106 p107 p108 p109 p110 p111 p112 p113 p114 p115 p116 p117 p118 p119 p120 p121 p122 p123 p124 p125 p126 p127 p128 p129 p130 p131 p132 p133 p134 p135 p136 p137 p138 p139 p140 p141 p142 p143 p144 p145 p146 p147 p148 p149 p150 p151 p152 p153 p154 p155 p156 p157 p158 p159 p160 p161 p162 p163 p164 p165 p166 p167 p168 p169 p170 p171 p172 p173 p174 p175 p176 p177 p178 p179 p180 p181 p182 p183 p184 p185 p186 p187 p188 p189 p190 p191 p192 p193 p194 p195 p196 p197 p198 p199 p200 p201 p202 p203 p204 p205 p206 p207 p208 p209 p210 p211 p212 p213 p214 p215
[ 2585.373961][   T99] loop1: p3 start 4259840 is beyond EOD, truncated
[ 2585.462462][T31563] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[ 2585.474702][T31563] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 2585.496406][T19220] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2585.516368][T19220] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2585.526010][T19220] usb 5-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[ 2585.556410][T19220] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2585.567170][T19220] usb 5-1: config 0 descriptor??
[ 2585.887569][T31588] loop3: detected capacity change from 0 to 256
[ 2585.927425][T31588] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2585.943544][T31588] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe622a5da, utbl_chksum : 0xe619d30d)
[ 2586.046955][T19220] hid (null): unknown global tag 0xc
[ 2586.052252][T19220] hid (null): unknown global tag 0xe
[ 2586.070742][T19220] lg-g15 0003:046D:C222.0223: unknown global tag 0xc
[ 2586.086303][T19220] lg-g15 0003:046D:C222.0223: item 0 2 1 12 parsing failed
[ 2586.104150][T19220] lg-g15: probe of 0003:046D:C222.0223 failed with error -22
[ 2586.250705][T31574] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8959'.
[ 2586.351873][T31593] loop3: detected capacity change from 0 to 512
[ 2586.384423][T31593] EXT4-fs (loop3): 1 orphan inode deleted
[ 2586.390183][T31593] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback.
[ 2586.527707][T31604] loop1: detected capacity change from 0 to 512
[ 2586.547774][T31604] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[ 2586.580114][T31604] EXT4-fs (loop1): 1 truncate cleaned up
[ 2586.589506][T31604] EXT4-fs (loop1): mounted filesystem without journal. Opts: minixdf,nobarrier,debug_want_extra_isize=0x0000000000000068,nodelalloc,nombcache,max_batch_time=0x0000000000000007,,errors=continue. Quota mode: none.
[ 2587.226997][T22648] udevd[22648]: inotify_add_watch(7, /dev/loop1p61, 10) failed: No such file or directory
[ 2587.227708][T22278] udevd[22278]: inotify_add_watch(7, /dev/loop1p62, 10) failed: No such file or directory
[ 2587.249537][T22654] udevd[22654]: inotify_add_watch(7, /dev/loop1p64, 10) failed: No such file or directory
[ 2587.249832][T22646] udevd[22646]: inotify_add_watch(7, /dev/loop1p63, 10) failed: No such file or directory
[ 2587.263828][T22227] udevd[22227]: inotify_add_watch(7, /dev/loop1p68, 10) failed: No such file or directory
[ 2587.282023][T22647] udevd[22647]: inotify_add_watch(7, /dev/loop1p65, 10) failed: No such file or directory
[ 2587.289810][T22649] udevd[22649]: inotify_add_watch(7, /dev/loop1p69, 10) failed: No such file or directory
[ 2587.293651][T22652] udevd[22652]: inotify_add_watch(7, /dev/loop1p66, 10) failed: No such file or directory
[ 2587.304596][T22655] udevd[22655]: inotify_add_watch(7, /dev/loop1p71, 10) failed: No such file or directory
[ 2587.323408][T22651] udevd[22651]: inotify_add_watch(7, /dev/loop1p70, 10) failed: No such file or directory
[ 2587.346134][T31613] overlayfs: failed to resolve './file0': -2
[ 2587.366778][T31615] loop3: detected capacity change from 0 to 256
[ 2587.417100][T31615] exfat: Deprecated parameter 'utf8'
[ 2587.422469][T31615] exfat: Deprecated parameter 'namecase'
[ 2587.430420][T31615] exfat: Deprecated parameter 'namecase'
[ 2587.438234][T31615] exfat: Deprecated parameter 'utf8'
[ 2587.451896][T31615] exFAT-fs (loop3): failed to load upcase table (idx : 0x00012153, chksum : 0xc3dffc2e, utbl_chksum : 0xe619d30d)
[ 2587.749751][T31620] loop3: detected capacity change from 0 to 256
[ 2587.768025][ T1235] usb 5-1: USB disconnect, device number 81
[ 2587.827780][T31620] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 2587.900149][T31620] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2589.419900][T31618] loop1: detected capacity change from 0 to 40427
[ 2589.515757][T31618] F2FS-fs (loop1): invalid crc value
[ 2589.558114][T31618] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 2589.967334][T31618] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 2590.479709][T31622] loop4: detected capacity change from 0 to 40427
[ 2590.575650][T28600] attempt to access beyond end of device
[ 2590.575650][T28600] loop1: rw=2049, want=45104, limit=40427
[ 2590.611957][T31622] F2FS-fs (loop4): invalid crc value
[ 2590.633529][T31622] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 2590.711137][T31628] loop3: detected capacity change from 0 to 40427
[ 2590.753498][T31628] F2FS-fs (loop3): Magic Mismatch, valid(0xf2f52010) - read(0xfff52010)
[ 2590.797070][T31628] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[ 2590.871459][T31628] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 2591.269055][T31628] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[ 2591.291548][T31628] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 2591.525716][T31655] loop2: detected capacity change from 0 to 512
[ 2591.586539][   T30] audit: type=1326 audit(2591.551:10679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31658 comm="syz.4.8980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4415a46bd9 code=0x7ffc0000
[ 2591.611007][T31655] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[ 2591.639944][   T30] audit: type=1326 audit(2591.551:10680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31658 comm="syz.4.8980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4415a46bd9 code=0x7ffc0000
[ 2591.668651][T31655] EXT4-fs (loop2): 1 truncate cleaned up
[ 2591.674354][T31655] EXT4-fs (loop2): mounted filesystem without journal. Opts: minixdf,nobarrier,debug_want_extra_isize=0x0000000000000068,nodelalloc,nombcache,max_batch_time=0x0000000000000007,,errors=continue. Quota mode: none.
[ 2591.692902][   T30] audit: type=1326 audit(2591.551:10681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31658 comm="syz.4.8980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4415a46bd9 code=0x7ffc0000
[ 2591.738548][   T30] audit: type=1326 audit(2591.551:10682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31658 comm="syz.4.8980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4415a46bd9 code=0x7ffc0000
[ 2591.766427][T19517] usb 2-1: new high-speed USB device number 85 using dummy_hcd
[ 2591.779326][   T30] audit: type=1326 audit(2591.551:10683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31658 comm="syz.4.8980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4415a46bd9 code=0x7ffc0000
[ 2591.803239][   T30] audit: type=1326 audit(2591.551:10684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31658 comm="syz.4.8980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4415a46bd9 code=0x7ffc0000
[ 2591.833094][   T30] audit: type=1326 audit(2591.551:10685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31658 comm="syz.4.8980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4415a46bd9 code=0x7ffc0000
[ 2591.856545][   T30] audit: type=1326 audit(2591.551:10686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31658 comm="syz.4.8980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4415a46bd9 code=0x7ffc0000
[ 2591.879940][   T30] audit: type=1326 audit(2591.551:10687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31658 comm="syz.4.8980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4415a46bd9 code=0x7ffc0000
[ 2591.910264][   T30] audit: type=1326 audit(2591.551:10688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31658 comm="syz.4.8980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4415a46bd9 code=0x7ffc0000
[ 2592.292166][T31669] loop4: detected capacity change from 0 to 16
[ 2592.332099][T31669] erofs: (device loop4): mounted with root inode @ nid 36.
[ 2592.377039][T19517] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2592.521215][T19517] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2592.714788][T19517] usb 2-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[ 2592.982387][T19517] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2593.096777][  T300] usb 4-1: new high-speed USB device number 58 using dummy_hcd
[ 2593.111383][T31674] FAULT_INJECTION: forcing a failure.
[ 2593.111383][T31674] name failslab, interval 1, probability 0, space 0, times 0
[ 2593.124179][T31674] CPU: 0 PID: 31674 Comm: syz.0.8983 Not tainted 5.15.150-syzkaller-00330-g9044d25b8ff5 #0
[ 2593.134044][T31674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2593.143943][T31674] Call Trace:
[ 2593.147069][T31674]  <TASK>
[ 2593.149854][T31674]  dump_stack_lvl+0x151/0x1b7
[ 2593.154360][T31674]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2593.159830][T31674]  ? release_sock+0x163/0x1b0
[ 2593.164353][T31674]  dump_stack+0x15/0x17
[ 2593.168330][T31674]  should_fail+0x3c6/0x510
[ 2593.172596][T31674]  __should_failslab+0xa4/0xe0
[ 2593.177190][T31674]  ? __alloc_skb+0xbe/0x550
[ 2593.181525][T31674]  should_failslab+0x9/0x20
[ 2593.185865][T31674]  slab_pre_alloc_hook+0x37/0xd0
[ 2593.190643][T31674]  ? __alloc_skb+0xbe/0x550
[ 2593.194984][T31674]  kmem_cache_alloc+0x44/0x200
[ 2593.199586][T31674]  __alloc_skb+0xbe/0x550
[ 2593.203756][T31674]  netlink_sendmsg+0x797/0xd20
[ 2593.208365][T31674]  ? netlink_getsockopt+0x560/0x560
[ 2593.213377][T31674]  ? kasan_set_track+0x5d/0x70
[ 2593.218004][T31674]  ? security_socket_sendmsg+0x82/0xb0
[ 2593.223276][T31674]  ? netlink_getsockopt+0x560/0x560
[ 2593.228311][T31674]  ____sys_sendmsg+0x59e/0x8f0
[ 2593.232928][T31674]  ? __sys_sendmsg_sock+0x40/0x40
[ 2593.234554][T19517] usb 2-1: config 0 descriptor??
[ 2593.237780][T31674]  ? import_iovec+0xe5/0x120
[ 2593.237853][T31674]  ___sys_sendmsg+0x252/0x2e0
[ 2593.237919][T31674]  ? __sys_sendmsg+0x260/0x260
[ 2593.256384][T31674]  ? __fdget+0x1bc/0x240
[ 2593.260418][T31674]  __se_sys_sendmsg+0x19a/0x260
[ 2593.265101][T31674]  ? __x64_sys_sendmsg+0x90/0x90
[ 2593.269871][T31674]  ? ksys_write+0x260/0x2c0
[ 2593.274238][T31674]  ? debug_smp_processor_id+0x17/0x20
[ 2593.279422][T31674]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 2593.285341][T31674]  __x64_sys_sendmsg+0x7b/0x90
[ 2593.289935][T31674]  do_syscall_64+0x3d/0xb0
[ 2593.294191][T31674]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2593.299918][T31674] RIP: 0033:0x7fcbb9781bd9
[ 2593.304183][T31674] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2593.323610][T31674] RSP: 002b:00007fcbb8a03048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2593.331858][T31674] RAX: ffffffffffffffda RBX: 00007fcbb990ff60 RCX: 00007fcbb9781bd9
[ 2593.339669][T31674] RDX: 0000000000000000 RSI: 00000000200003c0 RDI: 0000000000000004
[ 2593.347512][T31674] RBP: 00007fcbb8a030a0 R08: 0000000000000000 R09: 0000000000000000
[ 2593.355293][T31674] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2593.363106][T31674] R13: 000000000000000b R14: 00007fcbb990ff60 R15: 00007ffd67aad968
[ 2593.370935][T31674]  </TASK>
[ 2593.401838][T31676] loop2: detected capacity change from 0 to 16
[ 2593.483018][T31676] erofs: (device loop2): mounted with root inode @ nid 36.
[ 2594.368050][T31688] loop2: detected capacity change from 0 to 256
[ 2594.397052][T19517] hid (null): unknown global tag 0xc
[ 2594.402218][T19517] hid (null): unknown global tag 0xe
[ 2594.417346][T31688] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 2594.423552][T19517] lg-g15 0003:046D:C222.0224: unknown global tag 0xc
[ 2594.446387][T19517] lg-g15 0003:046D:C222.0224: item 0 2 1 12 parsing failed
[ 2594.447820][T31688] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2594.454022][T19517] lg-g15: probe of 0003:046D:C222.0224 failed with error -22
[ 2594.606472][  T300] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2594.626333][  T300] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2594.648358][  T300] usb 4-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[ 2594.676984][  T300] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2594.710610][  T300] usb 4-1: config 0 descriptor??
[ 2595.297296][T31693] overlayfs: failed to resolve './file0': -2
[ 2596.259365][T19517] usb 2-1: USB disconnect, device number 85
[ 2596.286413][  T300] usbhid 4-1:0.0: can't add hid device: -71
[ 2596.292351][  T300] usbhid: probe of 4-1:0.0 failed with error -71
[ 2596.337368][  T300] usb 4-1: USB disconnect, device number 58
[ 2596.444664][T31706] loop3: detected capacity change from 0 to 512
[ 2596.485324][T31686] loop0: detected capacity change from 0 to 40427
[ 2596.497086][T31706] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[ 2596.518698][T31686] F2FS-fs (loop0): invalid crc value
[ 2596.533757][T31686] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 2596.539395][T31706] EXT4-fs (loop3): 1 truncate cleaned up
[ 2596.545345][T31706] EXT4-fs (loop3): mounted filesystem without journal. Opts: minixdf,nobarrier,debug_want_extra_isize=0x0000000000000068,nodelalloc,nombcache,max_batch_time=0x0000000000000007,,errors=continue. Quota mode: none.
[ 2596.712818][T31686] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 2596.878638][T26659] attempt to access beyond end of device
[ 2596.878638][T26659] loop0: rw=2049, want=45104, limit=40427
[ 2597.036419][T19517] usb 2-1: new high-speed USB device number 86 using dummy_hcd
[ 2597.161998][T31722] loop0: detected capacity change from 0 to 128
[ 2597.216799][   T30] kauditd_printk_skb: 123 callbacks suppressed
[ 2597.216835][   T30] audit: type=1400 audit(2597.191:10812): avc:  denied  { mounton } for  pid=31721 comm="syz.0.8995" path="/284/file0/file0/file0" dev="loop0" ino=1049826 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=file permissive=1
[ 2597.247616][   T30] audit: type=1400 audit(2597.221:10813): avc:  denied  { mount } for  pid=31721 comm="syz.0.8995" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[ 2597.469241][T31729] loop3: detected capacity change from 0 to 512
[ 2597.477208][T19517] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2597.490174][T19517] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2597.502463][T31729] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[ 2597.516808][T19517] usb 2-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[ 2597.532031][T19517] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2597.540121][T31720] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65308 sclass=netlink_route_socket pid=31720 comm=syz.2.8996
[ 2597.554884][T19517] usb 2-1: config 0 descriptor??
[ 2597.563176][T31729] EXT4-fs (loop3): 1 truncate cleaned up
[ 2597.568874][T31729] EXT4-fs (loop3): mounted filesystem without journal. Opts: minixdf,nobarrier,debug_want_extra_isize=0x0000000000000068,nodelalloc,nombcache,max_batch_time=0x0000000000000007,,errors=continue. Quota mode: none.
[ 2597.765261][   T30] audit: type=1326 audit(2597.731:10814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31740 comm="syz.2.9003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f964d843bd9 code=0x7ffc0000
[ 2597.790047][  T300] usb 5-1: new high-speed USB device number 82 using dummy_hcd
[ 2597.831541][   T30] audit: type=1326 audit(2597.781:10815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31740 comm="syz.2.9003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f964d843bd9 code=0x7ffc0000
[ 2597.863933][   T30] audit: type=1326 audit(2597.781:10816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31740 comm="syz.2.9003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f964d843bd9 code=0x7ffc0000
[ 2597.888005][   T30] audit: type=1326 audit(2597.781:10817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31740 comm="syz.2.9003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f964d843bd9 code=0x7ffc0000
[ 2597.911623][   T30] audit: type=1326 audit(2597.781:10818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31740 comm="syz.2.9003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f964d843bd9 code=0x7ffc0000
[ 2597.934940][   T30] audit: type=1326 audit(2597.781:10819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31740 comm="syz.2.9003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f964d843bd9 code=0x7ffc0000
[ 2598.081470][   T30] audit: type=1326 audit(2597.781:10820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31740 comm="syz.2.9003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f964d843bd9 code=0x7ffc0000
[ 2598.180806][T19517] hid (null): unknown global tag 0xc
[ 2598.187544][T19517] hid (null): unknown global tag 0xe
[ 2598.275242][T19517] lg-g15 0003:046D:C222.0225: unknown global tag 0xc
[ 2598.721533][T31708] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8993'.
[ 2598.736358][T19517] lg-g15 0003:046D:C222.0225: item 0 2 1 12 parsing failed
[ 2598.743940][T19517] lg-g15: probe of 0003:046D:C222.0225 failed with error -22
[ 2598.855471][   T30] audit: type=1326 audit(2597.781:10821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31740 comm="syz.2.9003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f964d843bd9 code=0x7ffc0000
[ 2598.933370][T31749] 9pnet: Insufficient options for proto=fd
[ 2599.031774][T31754] overlayfs: failed to resolve './file0': -2
[ 2599.579472][  T300] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2599.590508][  T300] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2599.600435][  T300] usb 5-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[ 2599.609578][  T300] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2599.618851][  T300] usb 5-1: config 0 descriptor??
[ 2599.838854][T31761] loop3: detected capacity change from 0 to 512
[ 2599.876396][T26105] usb 3-1: new high-speed USB device number 79 using dummy_hcd
[ 2599.914641][T19581] usb 2-1: USB disconnect, device number 86
[ 2599.929290][T31761] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[ 2599.958764][T31761] EXT4-fs (loop3): 1 truncate cleaned up
[ 2599.964360][T31761] EXT4-fs (loop3): mounted filesystem without journal. Opts: minixdf,nobarrier,debug_want_extra_isize=0x0000000000000068,nodelalloc,nombcache,max_batch_time=0x0000000000000007,,errors=continue. Quota mode: none.
[ 2600.106963][  T300] hid (null): unknown global tag 0xe
[ 2600.118684][  T300] lg-g15 0003:046D:C222.0226: unknown main item tag 0x1
[ 2600.125692][  T300] lg-g15 0003:046D:C222.0226: unknown global tag 0xe
[ 2600.132328][  T300] lg-g15 0003:046D:C222.0226: item 0 0 1 14 parsing failed
[ 2600.140071][  T300] lg-g15: probe of 0003:046D:C222.0226 failed with error -22
[ 2600.339937][T19581] usb 5-1: USB disconnect, device number 82
[ 2600.346688][T26105] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2600.361233][T26105] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2600.370908][T26105] usb 3-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[ 2600.380218][T26105] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2600.389624][T26105] usb 3-1: config 0 descriptor??
[ 2600.648895][T31774] netlink: 'syz.0.9012': attribute type 1 has an invalid length.
[ 2600.657966][T31774] netlink: 'syz.0.9012': attribute type 1 has an invalid length.
[ 2600.665588][T31774] netlink: 'syz.0.9012': attribute type 1 has an invalid length.
[ 2600.673429][T31774] netlink: 'syz.0.9012': attribute type 1 has an invalid length.
[ 2600.681331][T31774] netlink: 'syz.0.9012': attribute type 1 has an invalid length.
[ 2600.689413][T31774] netlink: 'syz.0.9012': attribute type 1 has an invalid length.
[ 2600.697426][T31774] netlink: 'syz.0.9012': attribute type 1 has an invalid length.
[ 2600.705118][T31774] netlink: 'syz.0.9012': attribute type 1 has an invalid length.
[ 2600.713189][T31774] netlink: 'syz.0.9012': attribute type 1 has an invalid length.
[ 2600.838525][T31781] loop0: detected capacity change from 0 to 512
[ 2600.846819][T31781] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[ 2600.867160][T26105] hid (null): unknown global tag 0xc
[ 2600.872348][T26105] hid (null): unknown global tag 0xe
[ 2600.883722][T26105] lg-g15 0003:046D:C222.0227: unknown global tag 0xc
[ 2600.891101][T26105] lg-g15 0003:046D:C222.0227: item 0 2 1 12 parsing failed
[ 2600.901506][T31781] EXT4-fs (loop0): 1 truncate cleaned up
[ 2600.908288][T26105] lg-g15: probe of 0003:046D:C222.0227 failed with error -22
[ 2600.915606][T31781] EXT4-fs (loop0): mounted filesystem without journal. Opts: minixdf,nobarrier,debug_want_extra_isize=0x0000000000000068,nodelalloc,nombcache,max_batch_time=0x0000000000000007,,errors=continue. Quota mode: none.
[ 2601.136895][T31759] netlink: 12 bytes leftover after parsing attributes in process `syz.2.9007'.
[ 2601.370473][T27599] usb 4-1: new high-speed USB device number 59 using dummy_hcd
[ 2602.505172][T31806] loop0: detected capacity change from 0 to 256
[ 2602.568742][T31806] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2602.593533][T31806] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe622a5da, utbl_chksum : 0xe619d30d)
[ 2602.636677][T19581] usb 3-1: USB disconnect, device number 79
[ 2602.676463][T27599] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2602.696467][T27599] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2602.730099][T27599] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 2602.746845][T27599] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2602.767092][T27599] usb 4-1: config 0 descriptor??
[ 2602.880879][T31816] loop2: detected capacity change from 0 to 512
[ 2602.973857][T31816] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[ 2603.007845][T31816] EXT4-fs (loop2): 1 truncate cleaned up
[ 2603.013679][T31816] EXT4-fs (loop2): mounted filesystem without journal. Opts: minixdf,nobarrier,debug_want_extra_isize=0x0000000000000068,nodelalloc,nombcache,max_batch_time=0x0000000000000007,,errors=continue. Quota mode: none.
[ 2603.216962][T31805] loop4: detected capacity change from 0 to 40427
[ 2603.307660][T31805] F2FS-fs (loop4): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[ 2603.335746][T31805] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 2603.356460][T31805] F2FS-fs (loop4): Unrecognized mount option "0x00000000000000080x0000000000000000" or missing value
[ 2603.936503][T27599] uclogic 0003:256C:006D.0228: interface is invalid, ignoring
[ 2604.014388][T31829] device veth0_vlan left promiscuous mode
[ 2604.030855][T31829] device veth0_vlan entered promiscuous mode
[ 2604.049540][T25432] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2604.068941][T25432] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2604.096944][T25432] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2604.426646][T31841] overlayfs: failed to resolve './file0': -2
[ 2604.511919][T31842] syz.3.9015[31842] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2604.512100][T31842] syz.3.9015[31842] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2604.526317][T25432] usb 5-1: new high-speed USB device number 83 using dummy_hcd
[ 2604.741083][T31836] loop0: detected capacity change from 0 to 512
[ 2604.868541][T31836] EXT4-fs (loop0): 1 orphan inode deleted
[ 2604.876750][T31836] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback.
[ 2604.916506][T25432] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2604.936350][T25432] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2604.945982][T25432] usb 5-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[ 2604.955365][T25432] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2604.986246][T25432] usb 5-1: config 0 descriptor??
[ 2605.202419][T31851] loop2: detected capacity change from 0 to 256
[ 2605.281900][T31851] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2605.324071][T31851] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe622a5da, utbl_chksum : 0xe619d30d)
[ 2605.443575][T31859] loop0: detected capacity change from 0 to 512
[ 2605.469088][T25432] hid (null): unknown global tag 0xc
[ 2605.475373][T25432] hid (null): unknown global tag 0xe
[ 2605.489140][T31859] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[ 2605.502205][T25432] lg-g15 0003:046D:C222.0229: unknown global tag 0xc
[ 2605.512244][T25432] lg-g15 0003:046D:C222.0229: item 0 2 1 12 parsing failed
[ 2605.529245][T25432] lg-g15: probe of 0003:046D:C222.0229 failed with error -22
[ 2605.567093][T31859] EXT4-fs (loop0): 1 truncate cleaned up
[ 2605.572747][T31859] EXT4-fs (loop0): mounted filesystem without journal. Opts: minixdf,nobarrier,debug_want_extra_isize=0x0000000000000068,nodelalloc,nombcache,max_batch_time=0x0000000000000007,,errors=continue. Quota mode: none.
[ 2605.733054][T31838] netlink: 12 bytes leftover after parsing attributes in process `syz.4.9033'.
[ 2605.874824][T25432] usb 4-1: USB disconnect, device number 59
[ 2606.769767][T31886] overlayfs: failed to resolve './file0': -2
[ 2606.968606][T31883] loop2: detected capacity change from 0 to 512
[ 2607.022543][T31883] EXT4-fs (loop2): 1 orphan inode deleted
[ 2607.028988][T31883] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback.
[ 2607.276176][T27599] usb 5-1: USB disconnect, device number 83
[ 2607.426019][T31894] loop4: detected capacity change from 0 to 256
[ 2607.481826][T31894] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2607.500707][T31894] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe622a5da, utbl_chksum : 0xe619d30d)
[ 2608.171536][T31911] loop2: detected capacity change from 0 to 512
[ 2608.195470][T31911] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[ 2608.236992][T31911] EXT4-fs (loop2): 1 truncate cleaned up
[ 2608.247035][T31911] EXT4-fs (loop2): mounted filesystem without journal. Opts: minixdf,nobarrier,debug_want_extra_isize=0x0000000000000068,nodelalloc,nombcache,max_batch_time=0x0000000000000007,,errors=continue. Quota mode: none.
[ 2609.230209][T31921] loop4: detected capacity change from 0 to 256
[ 2609.327923][T31921] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 2609.358032][T31921] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2609.602854][T31927] loop1: detected capacity change from 0 to 512
[ 2609.712158][T31927] EXT4-fs (loop1): 1 orphan inode deleted
[ 2609.717825][T31927] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback.
[ 2610.351790][T31939] FAULT_INJECTION: forcing a failure.
[ 2610.351790][T31939] name failslab, interval 1, probability 0, space 0, times 0
[ 2610.388974][T31939] CPU: 0 PID: 31939 Comm: syz.3.9062 Not tainted 5.15.150-syzkaller-00330-g9044d25b8ff5 #0
[ 2610.398849][T31939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2610.408746][T31939] Call Trace:
[ 2610.411874][T31939]  <TASK>
[ 2610.414759][T31939]  dump_stack_lvl+0x151/0x1b7
[ 2610.419269][T31939]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2610.424738][T31939]  ? release_sock+0x163/0x1b0
[ 2610.429252][T31939]  dump_stack+0x15/0x17
[ 2610.433263][T31939]  should_fail+0x3c6/0x510
[ 2610.437504][T31939]  __should_failslab+0xa4/0xe0
[ 2610.442108][T31939]  ? __alloc_skb+0xbe/0x550
[ 2610.446434][T31939]  should_failslab+0x9/0x20
[ 2610.450769][T31939]  slab_pre_alloc_hook+0x37/0xd0
[ 2610.455547][T31939]  ? __alloc_skb+0xbe/0x550
[ 2610.459891][T31939]  kmem_cache_alloc+0x44/0x200
[ 2610.464500][T31939]  __alloc_skb+0xbe/0x550
[ 2610.468657][T31939]  netlink_sendmsg+0x797/0xd20
[ 2610.473269][T31939]  ? netlink_getsockopt+0x560/0x560
[ 2610.478287][T31939]  ? kasan_set_track+0x5d/0x70
[ 2610.482900][T31939]  ? security_socket_sendmsg+0x82/0xb0
[ 2610.488181][T31939]  ? netlink_getsockopt+0x560/0x560
[ 2610.493217][T31939]  ____sys_sendmsg+0x59e/0x8f0
[ 2610.497829][T31939]  ? __sys_sendmsg_sock+0x40/0x40
[ 2610.502689][T31939]  ? import_iovec+0xe5/0x120
[ 2610.507115][T31939]  ___sys_sendmsg+0x252/0x2e0
[ 2610.511627][T31939]  ? __sys_sendmsg+0x260/0x260
[ 2610.516268][T31939]  ? __fdget+0x1bc/0x240
[ 2610.520305][T31939]  __se_sys_sendmsg+0x19a/0x260
[ 2610.524988][T31939]  ? __x64_sys_sendmsg+0x90/0x90
[ 2610.529757][T31939]  ? ksys_write+0x260/0x2c0
[ 2610.534125][T31939]  ? debug_smp_processor_id+0x17/0x20
[ 2610.539312][T31939]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 2610.545342][T31939]  __x64_sys_sendmsg+0x7b/0x90
[ 2610.549938][T31939]  do_syscall_64+0x3d/0xb0
[ 2610.554186][T31939]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2610.559917][T31939] RIP: 0033:0x7f50db71dbd9
[ 2610.564169][T31939] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2610.583614][T31939] RSP: 002b:00007f50da99f048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2610.591858][T31939] RAX: ffffffffffffffda RBX: 00007f50db8abf60 RCX: 00007f50db71dbd9
[ 2610.599668][T31939] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003
[ 2610.607512][T31939] RBP: 00007f50da99f0a0 R08: 0000000000000000 R09: 0000000000000000
[ 2610.615290][T31939] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2610.623106][T31939] R13: 000000000000000b R14: 00007f50db8abf60 R15: 00007fffe838a8f8
[ 2610.630939][T31939]  </TASK>
[ 2610.849761][T31950] loop4: detected capacity change from 0 to 512
[ 2610.968861][T31950] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.9067: bg 0: block 248: padding at end of block bitmap is not set
[ 2611.003952][T31950] __quota_error: 51 callbacks suppressed
[ 2611.003989][T31950] Quota error (device loop4): write_blk: dquota write failed
[ 2611.046456][T31950] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[ 2611.082495][T31950] EXT4-fs (loop4): 1 truncate cleaned up
[ 2611.098706][T31950] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 2611.171073][   T30] audit: type=1400 audit(2611.141:10873): avc:  denied  { create } for  pid=31949 comm="syz.4.9067" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=tcp_socket permissive=1
[ 2611.203254][T31937] loop2: detected capacity change from 0 to 40427
[ 2611.209681][   T30] audit: type=1400 audit(2611.141:10874): avc:  denied  { connect } for  pid=31949 comm="syz.4.9067" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=tcp_socket permissive=1
[ 2611.230122][   T30] audit: type=1400 audit(2611.141:10875): avc:  denied  { name_connect } for  pid=31949 comm="syz.4.9067" dest=2 scontext=system_u:object_r:hugetlbfs_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[ 2611.252233][   T30] audit: type=1400 audit(2611.141:10876): avc:  denied  { create } for  pid=31949 comm="syz.4.9067" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=netlink_route_socket permissive=1
[ 2611.273091][   T30] audit: type=1400 audit(2611.151:10877): avc:  denied  { create } for  pid=31949 comm="syz.4.9067" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=rawip_socket permissive=1
[ 2611.300884][   T30] audit: type=1400 audit(2611.151:10878): avc:  denied  { ioctl } for  pid=31949 comm="syz.4.9067" path="socket:[135701]" dev="sockfs" ino=135701 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=rawip_socket permissive=1
[ 2611.344917][   T30] audit: type=1400 audit(2611.151:10879): avc:  denied  { write } for  pid=31949 comm="syz.4.9067" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=netlink_route_socket permissive=1
[ 2611.351972][T31955] loop1: detected capacity change from 0 to 512
[ 2611.371964][   T30] audit: type=1400 audit(2611.151:10880): avc:  denied  { nlmsg_write } for  pid=31949 comm="syz.4.9067" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=netlink_route_socket permissive=1
[ 2611.394171][T31937] F2FS-fs (loop2): Mismatch start address, segment0(512) cp_blkaddr(175702528)
[ 2611.403436][T31937] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[ 2611.414003][T31937] F2FS-fs (loop2): invalid crc value
[ 2611.423599][T31937] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 2611.524120][T31937] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0
[ 2611.535702][T31955] EXT4-fs (loop1): 1 orphan inode deleted
[ 2611.542685][T31955] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback.
[ 2611.552528][T31937] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[ 2611.576395][T31937] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[ 2612.012663][T31983] loop1: detected capacity change from 0 to 256
[ 2612.058273][T31983] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 2612.077032][T31983] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2612.210017][T25297] attempt to access beyond end of device
[ 2612.210017][T25297] loop2: rw=2049, want=45104, limit=40427
[ 2612.386495][T19220] usb 4-1: new high-speed USB device number 60 using dummy_hcd
[ 2613.085174][T31989] loop4: detected capacity change from 0 to 512
[ 2613.188450][T31989] EXT4-fs (loop4): 1 orphan inode deleted
[ 2613.222196][T31989] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback.
[ 2613.411595][T32000] loop0: detected capacity change from 0 to 512
[ 2613.441991][T32000] EXT4-fs (loop0): 1 orphan inode deleted
[ 2613.447909][T19220] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2613.458767][T32000] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback.
[ 2613.487699][T19220] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2613.523873][T19220] usb 4-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[ 2613.534740][T19220] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2613.537666][T32009] loop1: detected capacity change from 0 to 512
[ 2613.551632][T19220] usb 4-1: config 0 descriptor??
[ 2613.604086][T32009] ==================================================================
[ 2613.612012][T32009] BUG: KASAN: use-after-free in __ext4_iget+0x2ee/0x3f00
[ 2613.618947][T32009] Read of size 8 at addr ffff88812f0cf228 by task syz.1.9083/32009
[ 2613.626672][T32009] 
[ 2613.628851][T32009] CPU: 0 PID: 32009 Comm: syz.1.9083 Not tainted 5.15.150-syzkaller-00330-g9044d25b8ff5 #0
[ 2613.638649][T32009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2613.648543][T32009] Call Trace:
[ 2613.651679][T32009]  <TASK>
[ 2613.654501][T32009]  dump_stack_lvl+0x151/0x1b7
[ 2613.658962][T32009]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2613.664425][T32009]  ? panic+0x751/0x751
[ 2613.668343][T32009]  ? __kasan_check_write+0x14/0x20
[ 2613.673281][T32009]  print_address_description+0x87/0x3b0
[ 2613.678689][T32009]  ? __se_sys_mount+0x2c4/0x3b0
[ 2613.683450][T32009]  ? __x64_sys_mount+0xbf/0xd0
[ 2613.688037][T32009]  kasan_report+0x179/0x1c0
[ 2613.692379][T32009]  ? __ext4_iget+0x2ee/0x3f00
[ 2613.696891][T32009]  ? __ext4_iget+0x2ee/0x3f00
[ 2613.701406][T32009]  __asan_report_load8_noabort+0x14/0x20
[ 2613.706876][T32009]  __ext4_iget+0x2ee/0x3f00
[ 2613.711226][T32009]  ? xas_nomem+0x19a/0x1d0
[ 2613.715470][T32009]  ? ida_alloc_range+0x9fd/0xa80
[ 2613.720256][T32009]  ? __kasan_kmalloc+0x9/0x10
[ 2613.724767][T32009]  ? ext4_get_projid+0x140/0x140
[ 2613.729525][T32009]  ? __kasan_check_write+0x14/0x20
[ 2613.734498][T32009]  ? _raw_write_lock+0xa4/0x170
[ 2613.739169][T32009]  ? __proc_create+0x65a/0xa00
[ 2613.743770][T32009]  ? ext4_init_orphan_info+0x161/0x1080
[ 2613.749150][T32009]  ext4_enable_quotas+0x556/0x980
[ 2613.754012][T32009]  ? ext4_force_commit+0xc0/0xc0
[ 2613.758782][T32009]  ? proc_create+0x2b0/0x2b0
[ 2613.763230][T32009]  ? ext4_register_sysfs+0x281/0x2c0
[ 2613.768329][T32009]  ext4_fill_super+0x8b95/0x96e0
[ 2613.773152][T32009]  ? ext4_mount+0x40/0x40
[ 2613.777267][T32009]  ? vscnprintf+0x80/0x80
[ 2613.781436][T32009]  ? set_blocksize+0x1f0/0x380
[ 2613.786036][T32009]  ? sb_set_blocksize+0xa8/0xf0
[ 2613.790741][T32009]  mount_bdev+0x282/0x3b0
[ 2613.794888][T32009]  ? ext4_mount+0x40/0x40
[ 2613.799087][T32009]  ext4_mount+0x34/0x40
[ 2613.803047][T32009]  legacy_get_tree+0xf1/0x190
[ 2613.807561][T32009]  ? ext4_errno_to_code+0x140/0x140
[ 2613.812599][T32009]  vfs_get_tree+0x88/0x290
[ 2613.817332][T32009]  do_new_mount+0x2ba/0xb30
[ 2613.821695][T32009]  ? do_move_mount_old+0x160/0x160
[ 2613.826654][T32009]  ? security_capable+0x87/0xb0
[ 2613.831308][T32009]  ? ns_capable+0x89/0xe0
[ 2613.835480][T32009]  path_mount+0x671/0x1070
[ 2613.839742][T32009]  __se_sys_mount+0x2c4/0x3b0
[ 2613.844245][T32009]  ? exc_page_fault+0x47a/0x830
[ 2613.848953][T32009]  ? __x64_sys_mount+0xd0/0xd0
[ 2613.853544][T32009]  __x64_sys_mount+0xbf/0xd0
[ 2613.857967][T32009]  do_syscall_64+0x3d/0xb0
[ 2613.862222][T32009]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2613.867940][T32009] RIP: 0033:0x7fec0c23d2da
[ 2613.872199][T32009] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 7e 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2613.891643][T32009] RSP: 002b:00007fec0b4bce78 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 2613.899893][T32009] RAX: ffffffffffffffda RBX: 00007fec0b4bcf00 RCX: 00007fec0c23d2da
[ 2613.907696][T32009] RDX: 0000000020000080 RSI: 0000000020000140 RDI: 00007fec0b4bcec0
[ 2613.916054][T32009] RBP: 0000000020000080 R08: 00007fec0b4bcf00 R09: 0000000002000040
[ 2613.923884][T32009] R10: 0000000002000040 R11: 0000000000000206 R12: 0000000020000140
[ 2613.931676][T32009] R13: 00007fec0b4bcec0 R14: 00000000000004d2 R15: 000000000000002c
[ 2613.939516][T32009]  </TASK>
[ 2613.942353][T32009] 
[ 2613.944528][T32009] Allocated by task 31562:
[ 2613.948792][T32009]  __kasan_slab_alloc+0xb1/0xe0
[ 2613.953462][T32009]  slab_post_alloc_hook+0x53/0x2c0
[ 2613.958410][T32009]  kmem_cache_alloc+0xf5/0x200
[ 2613.963016][T32009]  f2fs_alloc_inode+0x26/0x340
[ 2613.967615][T32009]  iget_locked+0x174/0x860
[ 2613.971865][T32009]  f2fs_iget+0x55/0x4de0
[ 2613.975948][T32009]  f2fs_fill_super+0x670b/0x80e0
[ 2613.980723][T32009]  mount_bdev+0x282/0x3b0
[ 2613.984900][T32009]  f2fs_mount+0x34/0x40
[ 2613.988886][T32009]  legacy_get_tree+0xf1/0x190
[ 2613.993398][T32009]  vfs_get_tree+0x88/0x290
[ 2613.997648][T32009]  do_new_mount+0x2ba/0xb30
[ 2614.001990][T32009]  path_mount+0x671/0x1070
[ 2614.006238][T32009]  __se_sys_mount+0x2c4/0x3b0
[ 2614.010758][T32009]  __x64_sys_mount+0xbf/0xd0
[ 2614.015755][T32009]  do_syscall_64+0x3d/0xb0
[ 2614.020013][T32009]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2614.025741][T32009] 
[ 2614.027908][T32009] Last potentially related work creation:
[ 2614.033462][T32009]  kasan_save_stack+0x3b/0x60
[ 2614.037975][T32009]  __kasan_record_aux_stack+0xd3/0xf0
[ 2614.043201][T32009]  kasan_record_aux_stack_noalloc+0xb/0x10
[ 2614.048828][T32009]  call_rcu+0x135/0x1310
[ 2614.052911][T32009]  evict+0x5df/0x630
[ 2614.056642][T32009]  evict_inodes+0x5db/0x660
[ 2614.060979][T32009]  generic_shutdown_super+0x9c/0x2e0
[ 2614.066106][T32009]  kill_block_super+0x7e/0xe0
[ 2614.070611][T32009]  kill_f2fs_super+0x2f9/0x3c0
[ 2614.075213][T32009]  deactivate_locked_super+0xad/0x110
[ 2614.080420][T32009]  deactivate_super+0xbe/0xf0
[ 2614.084938][T32009]  cleanup_mnt+0x45c/0x510
[ 2614.089191][T32009]  __cleanup_mnt+0x19/0x20
[ 2614.093442][T32009]  task_work_run+0x129/0x190
[ 2614.097870][T32009]  exit_to_user_mode_loop+0xc4/0xe0
[ 2614.102910][T32009]  exit_to_user_mode_prepare+0x5a/0xa0
[ 2614.108196][T32009]  syscall_exit_to_user_mode+0x26/0x160
[ 2614.113577][T32009]  do_syscall_64+0x49/0xb0
[ 2614.117833][T32009]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2614.123574][T32009] 
[ 2614.125736][T32009] Second to last potentially related work creation:
[ 2614.132160][T32009]  kasan_save_stack+0x3b/0x60
[ 2614.136667][T32009]  __kasan_record_aux_stack+0xd3/0xf0
[ 2614.141880][T32009]  kasan_record_aux_stack_noalloc+0xb/0x10
[ 2614.147518][T32009]  call_rcu+0x135/0x1310
[ 2614.151598][T32009]  evict+0x5df/0x630
[ 2614.155332][T32009]  iput+0x63b/0x7e0
[ 2614.158978][T32009]  dentry_unlink_inode+0x34f/0x440
[ 2614.163925][T32009]  __dentry_kill+0x447/0x660
[ 2614.168360][T32009]  dentry_kill+0xc0/0x2a0
[ 2614.172516][T32009]  dput+0x45/0x80
[ 2614.176006][T32009]  f2fs_fill_super+0x7765/0x80e0
[ 2614.180770][T32009]  mount_bdev+0x282/0x3b0
[ 2614.184928][T32009]  f2fs_mount+0x34/0x40
[ 2614.188923][T32009]  legacy_get_tree+0xf1/0x190
[ 2614.193439][T32009]  vfs_get_tree+0x88/0x290
[ 2614.197691][T32009]  do_new_mount+0x2ba/0xb30
[ 2614.202028][T32009]  path_mount+0x671/0x1070
[ 2614.206284][T32009]  __se_sys_mount+0x2c4/0x3b0
[ 2614.210797][T32009]  __x64_sys_mount+0xbf/0xd0
[ 2614.215222][T32009]  do_syscall_64+0x3d/0xb0
[ 2614.219479][T32009]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2614.225210][T32009] 
[ 2614.227378][T32009] The buggy address belongs to the object at ffff88812f0ced20
[ 2614.227378][T32009]  which belongs to the cache f2fs_inode_cache of size 1424
[ 2614.241786][T32009] The buggy address is located 1288 bytes inside of
[ 2614.241786][T32009]  1424-byte region [ffff88812f0ced20, ffff88812f0cf2b0)
[ 2614.255065][T32009] The buggy address belongs to the page:
[ 2614.260555][T32009] page:ffffea0004bc3200 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88812f0cb080 pfn:0x12f0c8
[ 2614.271911][T32009] head:ffffea0004bc3200 order:3 compound_mapcount:0 compound_pincount:0
[ 2614.280065][T32009] flags: 0x4000000000010200(slab|head|zone=1)
[ 2614.285991][T32009] raw: 4000000000010200 0000000000000000 dead000000000122 ffff888107facf00
[ 2614.294409][T32009] raw: ffff88812f0cb080 000000008015000d 00000001ffffffff 0000000000000000
[ 2614.302805][T32009] page dumped because: kasan: bad access detected
[ 2614.309084][T32009] page_owner tracks the page as allocated
[ 2614.314608][T32009] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0x1d2050(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL|__GFP_RECLAIMABLE), pid 618, ts 64573207960, free_ts 0
[ 2614.334925][T32009]  post_alloc_hook+0x1a3/0x1b0
[ 2614.339519][T32009]  prep_new_page+0x1b/0x110
[ 2614.343865][T32009]  get_page_from_freelist+0x3550/0x35d0
[ 2614.349256][T32009]  __alloc_pages+0x27e/0x8f0
[ 2614.353672][T32009]  new_slab+0x9a/0x4e0
[ 2614.357577][T32009]  ___slab_alloc+0x39e/0x830
[ 2614.362003][T32009]  __slab_alloc+0x4a/0x90
[ 2614.366166][T32009]  kmem_cache_alloc+0x134/0x200
[ 2614.370859][T32009]  f2fs_alloc_inode+0x26/0x340
[ 2614.375456][T32009]  iget_locked+0x174/0x860
[ 2614.379712][T32009]  f2fs_iget+0x55/0x4de0
[ 2614.383789][T32009]  f2fs_fill_super+0x4eed/0x80e0
[ 2614.388563][T32009]  mount_bdev+0x282/0x3b0
[ 2614.392731][T32009]  f2fs_mount+0x34/0x40
[ 2614.396720][T32009]  legacy_get_tree+0xf1/0x190
[ 2614.401254][T32009]  vfs_get_tree+0x88/0x290
[ 2614.405512][T32009] page_owner free stack trace missing
[ 2614.410696][T32009] 
[ 2614.412865][T32009] Memory state around the buggy address:
[ 2614.418350][T32009]  ffff88812f0cf100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2614.426245][T32009]  ffff88812f0cf180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2614.434146][T32009] >ffff88812f0cf200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2614.442040][T32009]                                   ^
[ 2614.447255][T32009]  ffff88812f0cf280: fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc fc
[ 2614.455153][T32009]  ffff88812f0cf300: fc fc fc fc fc fc 00 00 00 00 00 00 00 00 00 00
[ 2614.463040][T32009] ==================================================================
[ 2614.470940][T32009] Disabling lock debugging due to kernel taint
[ 2614.477670][T32009] EXT4-fs warning (device loop1): ext4_enable_quotas:6410: Failed to enable quota tracking (type=0, err=-13, ino=3). Please run e2fsck to fix.
[ 2614.494636][T32009] EXT4-fs (loop1): mount failed
[ 2614.546947][T19220] hid (null): unknown global tag 0xc
[ 2614.552239][T19220] hid (null): unknown global tag 0xe
[ 2614.594563][T19220] lg-g15 0003:046D:C222.022A: unknown global tag 0xc
[ 2614.612507][T19220] lg-g15 0003:046D:C222.022A: item 0 2 1 12 parsing failed
[ 2614.620234][T19220] lg-g15: probe of 0003:046D:C222.022A failed with error -22
[ 2614.752395][T31987] netlink: 12 bytes leftover after parsing attributes in process `syz.3.9076'.
[ 2615.802466][T31042] usb 4-1: USB disconnect, device number 60